FusionAuth fusionauth-samlv2 0.2.3 allows remote malicious users to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fusionauth samlv2 0.2.3 |