SimpleSAMLphp xml-common XXE vulnerability
When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE.
Advisories for Composer/Simplesamlphp/Saml2-Legacy package
2024
SimpleSAMLphp SAML2 has an XXE in parsing SAML messages
Summary When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE.