Keycloak Vulnerability Puts SAML Authentication at Risk

September 23, 2024/in General News

The vulnerability lies in Keycloak’s XMLSignatureUtil class, which incorrectly verifies SAML signatures, disregarding the vital “Reference” element that specifies the signed portion of the document.

Cyware News – Latest Cyber News – Read More