Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with [email protected] followed by <!---->. and then the attacker's domain name.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-26T11:41:03

Updated: 2024-08-05T12:12:29.361Z

Reserved: 2019-07-26T00:00:00

Link: CVE-2018-20857

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-26T12:15:11.400

Modified: 2024-11-21T04:02:19.603

Link: CVE-2018-20857

cve-icon Redhat

No data.