↓
Skip to main content
Aura Research Division
Aura Research Division
Blogs
Pentest
Advisory
Vulnerability Disclosure
Whitepapers & Talks
Aura Home
Blogs
Pentest
Advisory
Vulnerability Disclosure
Whitepapers & Talks
Aura Home
Tim Goddard
Bypassing SAML 2.0 SSO with XML Signature Attacks
30 November 2016
Tim Goddard
SSO
Saml
XSW
Unfortunately, many SAML consumers don’t validate responses properly, allowing attacks up to and including full authentication bypass.