Debian Security Advisory 1947 shibboleth-sp, shibboleth-sp2, opensaml2 – missing input sanitising

Article Source Debian Security Advisories
December 6, 2009, 4:00 pm

Matt Elder discovered that Shibboleth, a federated web single sign-on system is vulnerable to script injection through redirection URLs. More details can be found in the Shibboleth advisory at

Read More