CVE-2023-45683
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2023-45683 is a vulnerability in the github.com/crewjam/saml library for Go. In affected versions, the package does not validate the Assertion Consumer Service (ACS) Location URI according to the SAML binding being processed. An attacker can exploit this by registering a malicious Service Provider at the Identity Provider (IdP) and injecting JavaScript into the ACS endpoint definition, which results in Cross-Site Scripting (XSS) within the IdP context during Single Sign-On (SSO) flows. Once the victim's browser loads the IdP-initiated SSO link for the malicious Service Provider, the attacker can carry out any authenticated action as the victim. Service Provider registration is typically an unrestricted operation in IdPs: it requires no special permissions, or is publicly accessible to ease IdP interoperability, so an attacker needs no special access to exploit the flaw. The issue is fixed in version 0.4.14. As a workaround, users who cannot upgrade can perform external URL validation or restrict end users' ability to upload arbitrary metadata.