Most of the vulnerabilities in SAML derive from the fact that XML is always a nightmare to parse… I wonder why people keep using it.
Historical decisions seem to be the most common reasons.
Yes, but usually “historical decisions” is an acronym for “we are not able to manage that because we designed our systems in the worst possible way.”
… and those decisions are sometimes rooted in “we don’t have the people and/or money to spend on a new development in this module.”
And everyone else is stuck either accepting that or spending the resources to ameliorate the situation. :/