Description
The web application uses SAML. The web application's SAML Consumer Service uses a retired hash function for the digital signature.
An authenticated attacker may be able to use it to escalate privileges to a high privileged user or to takeover accounts of other users in the application.
Remediation
Change configuration of the SAML service to require a more secure hash function for the digital signature
References
Related Vulnerabilities
WordPress Plugin Simplr Registration Form Plus+ Privilege Escalation (2.4.3)
WordPress Plugin NextGEN Gallery-WordPress Gallery Privilege Escalation (3.2.2)
WordPress Plugin MasterStudy LMS-for Online Courses and Education Privilege Escalation (3.3.1)
WordPress Plugin Contact Form 7 Privilege Escalation (5.0.3)