July 9, 2021 – Hacktive Security Blog

SA-CONTRIB-2021-036 NotSoSAML – Privilege Escalation via XML Signature Wrapping on MiniorangeSAML Drupal Plugin

Application Security

SA-CONTRIB-2021-036 NotSoSAML – Privilege Escalation via XML Signature Wrapping on MiniorangeSAML Drupal Plugin

Cristian Giustini

July 9, 2021September 23, 2021

This is a brief story about how we found a vulnerability on a drupal plugin that, when not configured correctly, could allow an authenticated user...

Recent Post

SA-CONTRIB-2021-036 NotSoSAML – Privilege Escalation via XML Signature Wrapping on MiniorangeSAML Drupal Plugin

CVE-2020-35749 – Authenticated Directory Traversal Simple Job Board WordPress plugin version < 2.9.3

ownCloud Multiple Vulnerabilities

Matrix Synapse 1.12.3 – SSRF and Cache poisoning

Android IPC: Part 2 – Binder and Service Manager Perspective

Top Category