The SAML SSO addon in JFrog Artifactory version 659 does not properly validate the XML signature in the SAMLResponse field send to the URL /webapp/saml/loginResponse An attacker can use this flaw to login as any user if they already can login as some user ...