Feature Description
I request a capability for the exploitation of SSO protocols, including OIDC/OAuth 2.0 and SAML.
Problem
Vulnerabilities in SSO protocol implementations are often critical, as they are typically accessible from an unauthenticated context and can provide a high level of access to the victim application.
Preferred Solution
We should aim to get coverage of common attack paths, including XML signature wrapping attacks and redirect URI spoofing. More exotic attacks should also be considered.
Feature Description I request a capability for the exploitation of SSO protocols, including OIDC/OAuth 2.0 and SAML.
Problem Vulnerabilities in SSO protocol implementations are often critical, as they are typically accessible from an unauthenticated context and can provide a high level of access to the victim application.
Preferred Solution We should aim to get coverage of common attack paths, including XML signature wrapping attacks and redirect URI spoofing. More exotic attacks should also be considered.
Alternatives Considered None.
Additional Information None.