CVE-2016-10149

Published March 24th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.

IdentityPython/pysaml2

Python implementation of SAML2

GitHub

607