Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Any authenticated low-privilege account (PR:L) can inject over the network with low complexity; forged signed attributes give I:H, and the trust boundary crossed to relying SPs justifies S:C with A:N.
Primary rating from Vendor (github).
CVSS VectorVendor: github
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's self-hosted SAML application IdP built the signed SAML response and assertion by string-substituting user-controlled profile attributes such as name, email, and custom attribute-mapping values into element-text placeholders of a SAML XML template using samlify 2.10.0, which left those placeholders unescaped. An authenticated low-privilege user could place XML markup in a profile attribute so Logto signed a forged SAML attribute, such as an arbitrary role, allowing privilege escalation at relying Service Providers that authorize on SAML attributes. This issue is fixed in version 1.41.0.
AnalysisAI
Privilege escalation in Logto's self-hosted SAML IdP (before 1.41.0) lets an authenticated low-privilege user forge signed SAML attributes such as roles, enabling elevated access at any relying Service Provider that authorizes on SAML attributes. Because user-controlled profile fields (name, email, custom attribute-mapping values) were string-substituted into an unescaped XML template via samlify 2.10.0, an attacker embeds XML markup that Logto then cryptographically signs as legitimate. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that Logto be deployed with the self-hosted SAML application IdP feature enabled and that at least one relying Service Provider authorizes based on SAML attributes (e.g., role, group). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The provided CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N, score 8.5) aligns well with the described mechanics: remote, low-complexity, requiring only a low-privilege authenticated account, with high integrity impact and a scope change reflecting compromise of downstream Service Providers - a distinct trust boundary from Logto itself. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A low-privilege user with a valid Logto account edits a profile attribute (such as display name or a custom attribute-mapping value) to embed SAML XML markup declaring an elevated role. When that user authenticates via SAML to a relying Service Provider, Logto substitutes and signs the assertion containing the forged attribute, and the SP grants admin-level access based on the trusted, signed role. … |
| Remediation | Vendor-released patch: upgrade Logto to 1.41.0 or later, which is the fix released in https://github.com/logto-io/logto/releases/tag/v1.41.0 (code changes in PR https://github.com/logto-io/logto/pull/9107 and commit 9097054860f0d638d90778d3dcde2ba050b844b6). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all Logto self-hosted deployments and document current versions in use. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-91 – XML Injection (aka Blind XPath Injection)
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43010