Drupal Saml Sp 2 0 Single Sign On
By the Year
In 2024 there have been 0 vulnerabilities in Drupal Saml Sp 2 0 Single Sign On . Saml Sp 2 0 Single Sign On did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 8.80 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Saml Sp 2 0 Single Sign On vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Drupal Saml Sp 2 0 Single Sign On Security Vulnerabilities
Xecurify's miniOrange Premium
CVE-2022-26493
8.8 - High
- June 03, 2022
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signature - impersonating existing users and existing roles, including administrative users/roles. This vulnerability is not mitigated by configuring the module to enforce signatures or certificate checks. Xecurify recommends updating miniOrange modules to their most recent versions. This vulnerability is present in paid versions of the miniOrange Drupal SAML SP product affecting Drupal 7, 8, and 9.
Improper Certificate Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Drupal Saml Sp 2 0 Single Sign On or by Drupal? Click the Watch button to subscribe.