CVE-2020-12676 – FusionAuth SAML v2.0 bindings in Java using JAXB – Signature Exclusion Attack

Posted by Advisories on Oct 02

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: SAML v2.0 bindings in Java using JAXB
# Vendor: FusionAuth
# CSNC ID: CSNC-2020-002
# CVE ID: CVE-2020-12676
# Subject: Signature Exclusion Attack
# Risk: High
# Effect: Remotely exploitable
# Author: Felix…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source