We found out that the samlr library is vulnerable to the XSW attack mentioned here: https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final91.pdf.
I have added a failing test case in the fork I made here: https://github.com/uday-rayala/samlr. You can log in as one user and pretend to be another user.
I would have gone ahead and fixed this particular test case, but it should be fixed by following the guidelines mentioned in that same article, like returning the same assertion that has been verified by the Signature. This requires a change in the design, so I wanted to discuss with you first how to approach this.
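A toy illustration of the wrapping attack and of the design change being proposed, added here as an example; it is not samlr's code and not part of the issue above. It assumes a simplified XML-DSig: an HMAC over the serialised Assertion (with its enveloped Signature removed) stands in for real canonicalisation and RSA signing, the `ds:Reference` sits directly under `ds:Signature`, and the SAML response is constructed inline. The vulnerable pattern verifies the signature and then re-queries the whole document for the user, so an unsigned Assertion placed in front of the signed one wins; the hardened pattern only reads data from the element that the signature check itself returned.

```ruby
# Added example, not samlr's code: XML Signature Wrapping (XSW) in miniature.
# Assumptions: HMAC-SHA256 over a toy canonical form replaces XML-DSig/RSA,
# and the key below is a stand-in for the IdP's signing key.
require 'rexml/document'
require 'openssl'

SAML_NS = 'urn:oasis:names:tc:SAML:2.0:assertion'
DS_NS   = 'http://www.w3.org/2000/09/xmldsig#'
NS      = { 'saml' => SAML_NS, 'ds' => DS_NS }
IDP_KEY = 'toy-idp-key' # assumption: shared secret in place of the IdP's RSA key

# Toy canonicalisation: serialise the element with any enveloped Signature removed.
# REXML sorts attributes when writing, so the output is stable across parses.
def canonical(assertion)
  copy = assertion.deep_clone
  copy.elements.to_a.select { |c| c.name == 'Signature' }.each { |s| copy.delete_element(s) }
  copy.to_s
end

def mac(data)
  OpenSSL::HMAC.hexdigest('SHA256', IDP_KEY, data)
end

# Constant-time comparison so the MAC check does not leak by timing.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

def unsigned_assertion(id, name_id)
  %(<saml:Assertion xmlns:saml="#{SAML_NS}" ID="#{id}"><saml:Subject><saml:NameID>#{name_id}</saml:NameID></saml:Subject></saml:Assertion>)
end

# "IdP" side: sign the assertion and envelope the toy Signature inside it.
def signed_assertion(id, name_id)
  plain = unsigned_assertion(id, name_id)
  sig = mac(canonical(REXML::Document.new(plain).root))
  plain.sub('</saml:Assertion>',
            %(<ds:Signature xmlns:ds="#{DS_NS}"><ds:Reference URI="##{id}"/><ds:SignatureValue>#{sig}</ds:SignatureValue></ds:Signature></saml:Assertion>))
end

# "Attacker" side: keep the genuinely signed assertion intact (so the signature
# still verifies) and put an unsigned assertion for another user in front of it.
def wrapped_response(victim_id, victim, target)
  %(<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">) +
    unsigned_assertion('_forged', target) +
    signed_assertion(victim_id, victim) +
    '</samlp:Response>'
end

# Locate the Signature, resolve its Reference by ID, check the MAC.
# Returns the element the signature actually covers, or nil on any failure.
def verify_signature(doc)
  sig = REXML::XPath.first(doc, '//ds:Signature', NS)
  return nil unless sig
  uri = REXML::XPath.first(sig, 'ds:Reference', NS).attributes['URI'].to_s
  return nil unless uri.start_with?('#')
  targets = REXML::XPath.match(doc, "//*[@ID='#{uri[1..-1]}']")
  return nil unless targets.size == 1           # a duplicated ID is itself a wrapping vector
  signed = targets.first
  return nil unless sig.parent.equal?(signed)   # require an enveloped signature
  expected = REXML::XPath.first(sig, 'ds:SignatureValue', NS).text.to_s
  return nil unless secure_equal?(mac(canonical(signed)), expected)
  signed
end

# Vulnerable pattern: verify "the" signature, then look the user up with a fresh
# XPath over the whole document. The first Assertion in document order wins.
def naive_name_id(xml)
  doc = REXML::Document.new(xml)
  return nil unless verify_signature(doc)
  REXML::XPath.first(doc, '//saml:Assertion/saml:Subject/saml:NameID', NS).text
end

# Hardened pattern (the design change the issue asks for): only ever read data
# from the element that signature verification returned.
def verified_name_id(xml)
  doc = REXML::Document.new(xml)
  signed = verify_signature(doc)
  return nil unless signed
  return nil unless signed.name == 'Assertion' && signed.namespace == SAML_NS
  REXML::XPath.first(signed, 'saml:Subject/saml:NameID', NS).text
end

if __FILE__ == $0
  xml = wrapped_response('_a1', 'alice', 'admin')
  puts "naive:    #{naive_name_id(xml)}"    # admin: the wrapped, unsigned user is accepted
  puts "verified: #{verified_name_id(xml)}" # alice: only the signed assertion is trusted
end
```

The `sig.parent.equal?(signed)` and single-ID checks are this example's own policy; the essential point for the fix is that `verified_name_id` never re-queries the document after verification, so it does not matter where an attacker places extra assertions.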