Vuln ID: CVE-2021-27736
Published: 2021-04-22 14:15:09Z
Description: FusionAuth fusionauth-samlv2 before 0.5.4 allows XXE attacks via a forged AuthnRequest or LogoutRequest because parseFromBytes uses javax.xml.parsers.DocumentBuilderFactory unsafely.
Source: NVD.NIST.GOV