CVE-2026-28809 | dropbox/arekinath/handnot2 esaml SAML xml external entity reference

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability, which was classified as problematic, was found in dropbox/arekinath/handnot2 esaml. This affects an unknown part of the component SAML Handler. Such manipulation leads to xml external entity reference.

This vulnerability is listed as CVE-2026-28809. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.

CVE-2026-28809 | dropbox/arekinath/handnot2 esaml SAML xml external entity reference

Post correlati

CVE-2025-7743 | Dolusoft Omaspot prior 12.09.2025 cleartext transmission

CVE-2024-23183 | appleple A-Blog CMS up to 2.8.x/2.10.49/2.11.57/3.0.28/3.1.6 cross site scripting

CVE-2025-13730 | OpenID Connect Generic Client Plugin up to 3.10.0 on WordPress Shortcode openid_connect_generic_auth_url cross site scripting

CVE-2025-3909 | Mozilla Thunderbird up to 128.10.0/138.0.0 Header X-Mozilla-External-Attachment-URL cross site scripting