OpenSAML is prone to a security vulnerability involving XML signature wrapping. Successful exploits may allow unauthenticated attackers to construct specially crafted messages that can be successfully verified and contain arbitrary content. This may aid in further attacks.
Updates are available. Please see the references for more information.