CVE-2023-34923
- Reference to the description:
- Description:
- XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.
- Last updated date:
- 06/30/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/30/2023
- Reference url to background
https://char49.com/articles/topdesk-vulnerable-to-xml-signature-wrapping-attacks