01642 06 11 11 Arrange Call

XML Signature Wrapping (XSW) Vulnerability in TOPdesk v12.10.12 SAML-based Single Sign-on

CVE-2023-34923 · HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVE-2023-34923

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.

Learn more about our User Device Pen Test.