The multiauth module in SimpleSAMLphp 1.14.13 and previous versions allows remote malicious users to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via vectors related to improper validation of user input.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simplesamlphp simplesamlphp |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |