December 6, 2009

Debian Security Advisory 1947 shibboleth-sp, shibboleth-sp2, opensaml2 - missing input sanitising

Article Source Debian Security Advisories
December 6, 2009, 4:00 pm

Matt Elder discovered that Shibboleth, a federated web single sign-on system is vulnerable to script injection through redirection URLs. More details can be found in the Shibboleth advisory at http://shibboleth.internet2.edu/secadv/secadv_20091104.txt...

Read More

Click Here!