CVE-2025-23369
SAML Bypass Auth on GitHub Enterprise Servers to Login

A serious security vulnerability, CVE-2025-23369, has been found in GitHub Enterprise Server (GHES) that lets attackers bypass SAML authentication and impersonate user accounts. This vulnerability takes advantage of specific anomalies in the libxml2 library employed in SAML response validation, allowing unauthorized access to accounts, even those with administrative rights.