Drupal MiniorangeSAML module version 8.x-2.22 suffers from a privilege escalation vulnerability via XML Signature Wrapping. Continue reading...