Joshua Berkowitz How Parser Differentials Led to a Major SAML SSO Authentication Bypass Authentication Turned on Its Head Imagine logging in as anyone you choose—simply by exploiting a flaw in how a system verifies SAML SSO responses. This became a reality thanks to a critical vulnerabil... authentication bug bounty ruby-saml SAML security vulnerability XML parsing
