HIGH
Onelogin
CVE published 2017-01-23
CVE-2016-5697
CVE-2016-5697 affects OneLogin ruby-saml and is described as an XML signature wrapping issue in versions before 1.3.0. NVD’s CPE data currently marks ruby-saml through 1.2.0 as vulnerable. The record carries a CVSS 3.0 base score of 7.5 (HIGH) with network access, no privileges, and high integrity impact, which makes this a serious issue for any service relying on the library for SAML authentication.