CVE-2025-47949 – Samlify SAML Response Signature Wrapping Vulnerability

May 19, 2025

CVE ID : CVE-2025-47949

Published : May 19, 2025, 8:15 p.m. | 2 hours, 33 minutes ago

Description : samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider. Version 2.10.0 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47946 – Symfony UX Twig Component Attribute Injection XSS

Next Article CVE-2025-47944 – Multer Denial of Service

Highlights

CVE-2025-4248 – SourceCodester Simple To-Do List System SQL Injection

May 4, 2025

CVE ID : CVE-2025-4248

Published : May 4, 2025, 6:15 a.m. | 5 hours, 12 minutes ago

Description : A vulnerability has been found in SourceCodester Simple To-Do List System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /complete_task.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

NVIDIA’s latest driver fixes some big issues with DOOM: The Dark Ages

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Universal Design and Global Accessibility Awareness Day (GAAD)

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

CVE-2025-47949 – Samlify SAML Response Signature Wrapping Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-30193 – DNSdist TCP Stack Exhaustion Denial of Service Vulnerability

⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams

The 5 Best Website Builders for Small Businesses in 2025

How to Contribute to Open Source Projects as a Beginner

Microsoftâ€™s KB5039299 update for Windows 10 (22H2) fixes past Start menu icon errors

CVE-2025-4248 – SourceCodester Simple To-Do List System SQL Injection

Keeping the page interactive while a View Transition is running

AI is Shaping the Future of Luxury Travel

Demystifying AI: What Every Business Leader Needs to Know to Stay Ahead🤖

CVE-2025-47949 – Samlify SAML Response Signature Wrapping Vulnerability

Related Posts