Fusionauth - Saml V2 CVE - CVE Search - CVE Details

Filtered by vendor Fusionauth Subscribe

Filtered by product Saml V2

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-27736	1 Fusionauth	1 Saml V2	2021-04-27	4.0 MEDIUM	6.5 MEDIUM
FusionAuth fusionauth-samlv2 before 0.5.4 allows XXE attacks via a forged AuthnRequest or LogoutRequest because parseFromBytes uses javax.xml.parsers.DocumentBuilderFactory unsafely.

Vulnerabilities (CVE)