CVE-2011-4625

Summary

simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.

Affected Software

VendorProductVersion RangeStatus
simplesamlphpsimplesamlphp1.13.1-2affected

Weaknesses

  • Cryptography

ADP Enrichment

CVE Program Container

Additional References

References