CVE-2026-46490: CWE-91: XML Injection (aka Blind XPath Injection) in tngan samlify
samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., <saml:AttributeValue>) are not escaped. A normal user can inject XML markup into an attribute value (e.g., email, name) and add new <saml:Attribute> elements inside the signed assertion. The IdP then signs the tampered assertion and the SP accepts the injected attributes as trusted. This allows privilege escalation when attributes are used for authorization (roles/groups). This issue has been patched in version 2.13.0.
AI Analysis
Technical Summary
samlify versions before 2.13.0 improperly handle XML escaping by only escaping attribute contexts but not element text content. This allows an attacker to inject arbitrary XML elements (e.g., <saml:Attribute>) into signed SAML assertions by injecting XML markup into attribute values such as email or name. Because the IdP signs the tampered assertion and the SP accepts it, the attacker can escalate privileges by injecting unauthorized attributes used for authorization. The vulnerability is classified as CWE-91 (XML Injection). A fix is available in samlify version 2.13.0.
Potential Impact
An attacker can inject unauthorized XML attributes into signed SAML assertions, which the Service Provider trusts, leading to privilege escalation. This can compromise authorization mechanisms relying on SAML attributes, potentially granting attackers elevated access or roles within affected systems. There are no known exploits in the wild as of the published date.
Mitigation Recommendations
Upgrade samlify to version 2.13.0 or later, where this XML Injection vulnerability has been patched. Since this is a library vulnerability, applying the official fix by updating the dependency is the recommended remediation. Patch status is confirmed by the vendor's versioning information.
CVE-2026-46490: CWE-91: XML Injection (aka Blind XPath Injection) in tngan samlify
Description
samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., <saml:AttributeValue>) are not escaped. A normal user can inject XML markup into an attribute value (e.g., email, name) and add new <saml:Attribute> elements inside the signed assertion. The IdP then signs the tampered assertion and the SP accepts the injected attributes as trusted. This allows privilege escalation when attributes are used for authorization (roles/groups). This issue has been patched in version 2.13.0.
CVSS v4.0
Score 8.7high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
samlify versions before 2.13.0 improperly handle XML escaping by only escaping attribute contexts but not element text content. This allows an attacker to inject arbitrary XML elements (e.g., <saml:Attribute>) into signed SAML assertions by injecting XML markup into attribute values such as email or name. Because the IdP signs the tampered assertion and the SP accepts it, the attacker can escalate privileges by injecting unauthorized attributes used for authorization. The vulnerability is classified as CWE-91 (XML Injection). A fix is available in samlify version 2.13.0.
Potential Impact
An attacker can inject unauthorized XML attributes into signed SAML assertions, which the Service Provider trusts, leading to privilege escalation. This can compromise authorization mechanisms relying on SAML attributes, potentially granting attackers elevated access or roles within affected systems. There are no known exploits in the wild as of the published date.
Mitigation Recommendations
Upgrade samlify to version 2.13.0 or later, where this XML Injection vulnerability has been patched. Since this is a library vulnerability, applying the official fix by updating the dependency is the recommended remediation. Patch status is confirmed by the vendor's versioning information.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-14T18:06:06.811Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a27120ce29bf47b5072ecdb
Added to database: 6/8/2026, 7:03:40 PM
Last enriched: 6/8/2026, 7:18:29 PM
Last updated: 6/8/2026, 8:23:06 PM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.