repz ret

low level shenanigans

Thursday, February 6, 2025

Abusing libxml2 quirks to bypass SAML authentication on GitHub Enterprise (CVE-2025-23369)

Last year, GitHub had issued some CVEs for issues that affected their SAML authentication implementation, for example, you can read about CVE-2024-4985/CVE-2024-948 on ProjectDiscovery blog. I...

at February 06, 2025 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Newer Posts Older Posts Home

Subscribe to: Posts (Atom)

Abusing libxml2 quirks to bypass SAML authentication on GitHub Enterprise (CVE-2025-23369)

Last year, GitHub had issued some CVEs for issues that affected their SAML authentication implementation, for example, you can read about CV...

Abusing libxml2 quirks to bypass SAML authentication on GitHub Enterprise (CVE-2025-23369)

Last year, GitHub had issued some CVEs for issues that affected their SAML authentication implementation, for example, you can read about CV...
a tale of a weird WebSocket based HTTP request smuggling bug

I recently played Securinets CTF , which have hosted a Web challenge Mark4Archive by @nzeros , which required to bypass this Varnish rule :...
Exploiting TotalMeltdown: the fine way

CVE-2018-1038 aka TotalMeltdown is quite an old bug (2018) but still an awesome bug so i decided to write a decent exploit for it. The vulne...

Search This Blog

Home

About Me

hakivvi: web pentesting and low level stuff.

View my complete profile

Report Abuse

Labels

paging
windows

Blog Archive

February 2025 (1)
August 2023 (1)
November 2021 (1)