On October 12th 2022 a bug was identified in SAML 2.0, a method of authenticating to a website. This bug is contained within the Passport-SAML and Node-SAML libraries, and could allow a malicious person to gain unauthorised access to the website by bypassing the SAML authentication.

Does Optimal Workshop use the Password-SAML and Node-SAML libraries?

No, we can confirm that the Optimal Workshop platform does not use the Password-SAML and Node-SAML libraries and therefore we are not affected by this issue.

Did this answer your question?