VYPR

Saml2 Js

by Clever

CVEs (1)

  • CVE-2017-11429HigApr 17, 2019
    risk 0.50cvss 7.7epss 0.02

    Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass…