Clever, Inc. Information for VU#475445
Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal
- Vendor Information Help Date Notified: 24 Jan 2018
- Statement Date: 23 Feb 2018
- Date Updated: 26 Feb 2018
No statement is currently available from the vendor regarding this vulnerability.
Both versions 1.x and 2.x versions are affected. A patch is available for both versions.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.