Product
Drupal Contrib module miniorange_saml
Found
14.06.2020
Published
18.11.2020
CVE
SA-CONTRIB-2020-038
CVSS 3.0
9.8

This module enables your users residing at a SAML 2.0 compliant Identity Provider to login to your Drupal website.

The module has two Authentication Bypass vulnerabilities.

Solution: 

Install the latest version:

https://www.drupal.org/sa-contrib-2020-038