“SAML XML injection gives attackers free rein over user accounts, although hard-to-execute bug proves real-world threat is minimal UPDATED A class of vulnerability detected in several Single Sign-On (SSO) services might allow attackers to hack into corporate systems, security researchers at NCC Grou”
