simplesamlphp/simplesamlphp is a PHP implementation of a SAML 2.0 service provider and identity provider, also compatible with Shibboleth 1.3 and 2.0.
Affected versions of this package are vulnerable to Information Disclosure. It is possible to access an unprotected endpoint part of SimpleSAMLphp, which contains deployment and debugging information.
simplesamlphp/simplesamlphp to version 1.17.8 or higher.
- Snyk ID
- 27 Nov, 2019
- 01 Dec, 2019