this post was submitted on 04 Jul 2023
6 points (100.0% liked)

appsec

377 readers
1 users here now

A community for all things related to application security.

founded 2 years ago
MODERATORS
laszlok
6
XML Security in Java (semgrep.dev)
submitted 2 years ago by N7x to c/appsec
5 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] himazawa 2 points 2 years ago* (last edited 2 years ago) (4 children)

Most of the vulnerabilities in SAML are derived by the fact that XML it’s always a nightmare to parse… I wonder why people keep using it.

[–] N7x 2 points 2 years ago (3 children)

Historical decisions seem to be the most common reasons

[–] himazawa 1 points 2 years ago (2 children)

Yes, but usually “historical decisions” is an acronym for “we are not able to manage that because we designed our systems in the worst possible way”

[–] N7x 1 points 2 years ago

Definitely

load more comments (1 replies)
load more comments (1 replies)
load more comments (1 replies)