Tyk · Tyk-Identity-Broker · CVE-2021-23365
**Name of the Vulnerable Software and Affected Versions**
tyk-identity-broker versions prior to 1.1.1
**Description**
The Go XML parser allows an authentication bypass that affects SAML authentication. The parser does not guarantee integrity across an XML round trip, that is, when XML data is decoded and then encoded again.
**Recommendations**
For versions prior to 1.1.1, update to version 1.1.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of SAML authentication until the update is applied.
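
To check whether a Go project still requires an affected release, the added example below (not part of the advisory and not Tyk's code) scans go.mod text for the broker and compares the required version with 1.1.1. The module path, the function names and the sample go.mod are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Assumed module path; the advisory names only the product.
const tibModule = "github.com/TykTechnologies/tyk-identity-broker"

var fixed = [3]int{1, 1, 1} // first patched release per the advisory

// Affected reports whether a Go module version string is earlier than 1.1.1.
func Affected(version string) (bool, error) {
	v := strings.TrimPrefix(strings.TrimSpace(version), "v")
	v = strings.SplitN(v, "+", 2)[0]  // drop build metadata such as +incompatible
	core := strings.SplitN(v, "-", 2) // a suffix marks a pre-release or pseudo-version
	var num [3]int
	if _, err := fmt.Sscanf(core[0], "%d.%d.%d", &num[0], &num[1], &num[2]); err != nil {
		return false, fmt.Errorf("unrecognised version %q", version)
	}
	for i := range num {
		if num[i] != fixed[i] {
			return num[i] < fixed[i], nil
		}
	}
	return len(core) == 2, nil // 1.1.1-rc1 sorts before 1.1.1, so it is still affected
}

// ScanGoMod returns the broker version a go.mod requires and whether it is affected.
func ScanGoMod(gomod string) (string, bool, error) {
	for _, line := range strings.Split(gomod, "\n") {
		f := strings.Fields(strings.TrimPrefix(strings.TrimSpace(line), "require "))
		if len(f) >= 2 && f[0] == tibModule {
			bad, err := Affected(f[1])
			return f[1], bad, err
		}
	}
	return "", false, nil // module not required by this go.mod
}

func main() {
	// Constructed go.mod fragment, not taken from a real project.
	sample := "module example.test/sso\n\nrequire (\n\t" + tibModule + " v1.1.0 // indirect\n)\n"
	fmt.Println(ScanGoMod(sample))
}
```

A pre-release or pseudo-version of 1.1.1 is treated as affected, which errs on the side of flagging builds that may predate the fix.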