Vulnerabilities > Shibboleth > Shibboleth Identity Provider

DATE CVE VULNERABILITY TITLE RISK
2011-09-02 CVE-2011-1411 Improper Authentication vulnerability in Shibboleth Opensaml and Shibboleth-Identity-Provider
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
5.8