Almost Hacking into Cloudflare's CEO
In the past few months, there have been multiple public disclosures related to SAML Bypasses. This writeup is loosely inspired from them and my journey to uncover yet another SAML Bypass! If you aren’t familiar with SAML already, I’ll recommend to read the ProjectDiscovery blog first. Preparation It was a regular day when I encountered a public disclosure post about SAML Signature bypass in Github Enterprise. It was a Critical Severity vulnerability....