The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 and previous versions allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simplesamlphp simplesamlphp |