Skip to main content

Saml Sso Service Provider CVE-2026-3217

| EUVDEUVD-2026-15477 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-03-25 drupal GHSA-p74c-x8rc-vp4m
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 25, 2026 - 15:46 euvd
EUVD-2026-15477
Analysis Generated
Mar 25, 2026 - 15:46 vuln.today
CVE Published
Mar 25, 2026 - 15:24 nvd
MEDIUM 6.1

DescriptionCVE.org

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.3.

AnalysisAI

A Cross-Site Scripting (XSS) vulnerability exists in the Drupal SAML SSO - Service Provider module due to improper neutralization of user input during web page generation. All versions prior to 3.1.3 are affected, allowing attackers to inject malicious scripts that execute in the browsers of users interacting with SAML authentication flows. The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), and while no CVSS score or EPSS data is currently available, the nature of XSS in authentication modules represents a significant risk to credential theft and session hijacking.

Technical ContextAI

The SAML SSO - Service Provider module (cpe:2.3:a:drupal:saml_sso_-_service_provider) is a Drupal contrib module that implements SAML 2.0 service provider functionality, enabling single sign-on integration with enterprise identity providers. The vulnerability stems from CWE-79, which occurs when user-controlled input derived from SAML assertions, HTTP parameters, or other sources is rendered into HTML or JavaScript contexts without proper encoding or sanitization. In the context of SAML authentication, this commonly affects attribute mapping, error messages, or user metadata displayed during or after authentication. The module's failure to neutralize special characters (such as angle brackets, quotes, or event handlers) before rendering them in web pages allows attackers to break out of intended HTML contexts and execute arbitrary JavaScript.

RemediationAI

Immediately upgrade the SAML SSO - Service Provider module to version 3.1.3 or later. This patch version contains fixes for the XSS vulnerability and should be applied as the primary remediation. Until the upgrade can be deployed, implement Content Security Policy (CSP) headers with script-src restrictions and X-XSS-Protection headers on the web server to mitigate XSS execution. Additionally, restrict access to SAML authentication endpoints to trusted networks only, monitor for suspicious authentication patterns, and audit SAML attribute mappings to ensure no user-controlled data is rendered without HTML entity encoding. Consult the Drupal security advisory at https://www.drupal.org/sa-contrib-2026-018 for detailed patch notes and deployment guidance.

Share

CVE-2026-3217 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy