samlstorm #149
Description
Please do not report security vulnerabilities here. The Responsible Disclosure Program details the procedure for disclosing security issues.
I do not consider this an app-specific vulnerability, as it pertains to a dependency that merely requires an update for maintenance purposes. If my assessment is incorrect, I apologize.
Description
- "xml-crypto" < "2.1.6" has severe vulnerability and needs to be patched
https://workos.com/blog/samlstorm