SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
PHP
Microsoft
Information Disclosure
Simplesamlphp
NVD
GitHub
CVSS 3.1
3.1
EPSS
0.9%