zendesk/samlr

Releases52

Frequency3 months 6 days

Last Release 2 months ago

Stars29

Clean room implementation of SAML for Ruby

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-20857 ↗	Jul 26, 2019Friday, 26 July 2019, 12:15	—	5 MEDIUM
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with [email protected] followed by <!---->. and then the attacker's domain name.