The researcher said that comprehensive and lasting remediation requires significant restructuring of existing SAML libraries.
“Such changes may introduce breaking compatibility issues or regressions, but they are essential to ensure the robustness of XML parsing, signature validation, and canonicalization logic,” Fedotkin concluded. “Without this foundational rework, SAML authentication will remain vulnerable to the same classes of attacks that have persisted for nearly two decades.”
