Vulnerabilities in simplesamlphp
13 results

CVE | Severity | Title | EPSS
CVE-2024-52596 | HIGH | SimpleSAMLphp xml-common XXE vulnerability | 1.0%
CVE-2020-5301 | LOW | Information disclosure of source code in SimpleSAMLphp | 0.9%
CVE-2011-4625 | — | simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt | 0.7%
CVE-2010-10002 | LOW | SimpleSAMLphp simplesamlphp-module-openid OpenID consumer.php cross site scripting | 0.6%
CVE-2020-5225 | MEDIUM | Log injection in SimpleSAMLphp | 0.6%
CVE-2010-10008 | LOW | simplesamlphp simplesamlphp-module-openidprovider trust.tpl.php cross site scripting | 0.6%
CVE-2020-5226 | MEDIUM | Cross-site scripting in SimpleSAMLphp | 0.5%
CVE-2026-46491 | HIGH | SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion | 0.4%
CVE-2024-52806 | HIGH | SimpleSAMLphp SAML2 has an XXE in parsing SAML messages | 0.4%
CVE-2025-27773 | HIGH | SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding | 0.3%
CVE-2025-65954 | MEDIUM | SimpleSAMLphp-casserver has an Open Redirect vulnerability via logout | 0.3%
CVE-2023-49087 | MEDIUM | Validation of SignedInfo | 0.2%
CVE-2026-32600 | HIGH | xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption | 0.1%