Insecure Storage of Sensitive Information
The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys.
Advisories for Composer/Miniorange/Miniorange-Saml package
2021
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows XSS.