Description
Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any character from the SAML assertion username. This issue is fixed in version 5.1.0.
References (3)
Scores
CVSS v4
9.3
EPSS
0.0004
EPSS Percentile
12.1%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-347
CWE-87
Status
published
Products (3)
node-saml/node-saml
0 - 5.1.0npm
node-saml/node-saml
< 5.1.0
npm/node-saml
0npm
Published
Jul 24, 2025
Tracked Since
Feb 18, 2026