Vulnerability to Response Wrapping attacks resulting in a malicious user gaining unauthorized access to a system.

PKSA-4x6t-byc2-3fqx CVE-2016-1000253

Affected package: onelogin/php-saml

Affected version: <2.10.0

Reported by:
FriendsOfPHP/security-advisories