PKSA-4y26-97zb-p98g Security Advisory
-
[HIGH] SimpleSAMLphp HTTP-Artifact TLS validator confusion allows cross-IdP authentication bypass
PKSA-4y26-97zb-p98g CVE-2026-49283 GHSA-6929-8p9f-26jx
Affected package: simplesamlphp/saml2-legacy
Affected version: <4.20.2
Reported by:
GitHub