Char49
  • Home
  • Company
    • About us
    • Team
  • Services
    • Auditing
      • Penetration Testing (Web Apps, Infrastructure, Mobile)
      • Red Team Assessment
      • Research (Apps, IoT)
    • Consulting
      • Data Loss Prevention
    • Training
      • Web Application Secure Coding
      • Mobile Application Secure Coding
      • APIs Secure Coding
      • Awareness Workshops
      • Social Engineering
      • Secure CI/CD Training
  • Articles
  • Talks
  • Careers
  • Contacts

Articles

Checkout our recent articles.
  • Home
12 Apr

TOPdesk vulnerable to XML Signature Wrapping Attacks

TOPdesk Single Sign-on integration based on SAML (Security Assertion Markup Language) was vulnerable to XML Signature Wrapping (XSW) attacks, allowing bad actors with credentials to authenticate with the Identity Provider (IdP) to impersonate any TOPdesk user, tampering with the SAML Response.

The...

By Char49 Advisories TOPdesk, SAML, XSW, XML-based, CVE-2023-34923
Contact Details

LEAP Center – Espaço Amoreiras

Rua D. João V, nº 24, 1.03

1250-091 Lisboa - Portugal

Phone: +351 919 770 012 *
* Call to National Mobile Network

Email: sec@char49.com

@char_49

LinkedIn

Pages
  • Company
  • Team
  • Articles
  • Contacts
Links
  • Privacy Policy
  • Consumer Disputes
  • Complaints Book

© Copyright 2025. All Rights Reserved.