CVE-2018-0486: Shibboleth(SAML IDP) open source vulnerability is currently awaiting analysis. For more details, see below url for reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-0486
During my penetration test engagement in past. I was surprised that no matter airline , financial and retail industries web online application solutions are deployed open source single-sign on resources. An incident occurred in Equifax which awaken the business world that open source application has potential inherent risk. It will jeopardize your firm reputation. It looks that a very popular SAML IdP open source has vulnerability occurs. What is your comment? Remark: You can also find the details on attached picture diagram.
Some genuinely interesting info , well written and loosely user pleasant.