Description
Keycloak validates that plaintext assertions are signed when the Response root is not signed, but it does not apply the same binding requirement to encrypted assertions. The SAML broker endpoint then decrypts and processes the first assertion choice in the Response, regardless of its form, which allows an attacker to inject an encrypted assertion for an arbitrary principal alongside a valid signed assertion for themselves.
Under these preconditions (an unsigned Response root and an attacker who can obtain a valid signed assertion for their own account from the same IdP), this can lead to impersonation in the brokered SAML flow (account takeover / unauthorized login path).
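The following is an added model of the check described above; it is example code written for this page, not Keycloak's own implementation. It uses the standard SAML 2.0 element names (Assertion, EncryptedAssertion, Signature, EncryptedData), an HMAC over the NameID as a stand-in for XML-DSig, and base64 as a stand-in for XML-Enc (a real EncryptedAssertion is encrypted to the SP's public key, so anyone can produce one, which is exactly why decryption alone proves nothing about origin). The subjects, the key and the Response documents are constructed, and the "exactly one assertion" rule in the hardened path is a defensive choice of this example rather than a statement about the project's fix.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Real SAML 2.0 / XML-DSig / XML-Enc namespace URIs; every document built below is constructed.
NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
ASSERTION = f"{{{NS['saml']}}}Assertion"
ENCRYPTED_ASSERTION = f"{{{NS['saml']}}}EncryptedAssertion"
SIGNATURE = f"{{{NS['ds']}}}Signature"
# Constructed key held only by the IdP; the attacker cannot sign anything with it.
IDP_SIGNING_KEY = b"constructed-idp-signing-key"


def name_id(assertion):
    return assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)


def sign_value(subject):
    # Stand-in for XML-DSig: an HMAC over the subject models "only the IdP can sign".
    return hmac.new(IDP_SIGNING_KEY, subject.encode(), hashlib.sha256).hexdigest()


def is_validly_signed(assertion):
    sig = assertion.find("ds:Signature", NS)
    subject = name_id(assertion) or ""
    return sig is not None and hmac.compare_digest(sig.text or "", sign_value(subject))


def build_assertion(subject, signed):
    a = ET.Element(ASSERTION)
    ET.SubElement(ET.SubElement(a, f"{{{NS['saml']}}}Subject"), f"{{{NS['saml']}}}NameID").text = subject
    if signed:
        ET.SubElement(a, SIGNATURE).text = sign_value(subject)
    return a


def encrypt_assertion(assertion):
    # Stand-in for XML-Enc: the SP's encryption key is public, so anyone can wrap
    # an assertion this way; base64 models that "no secret needed" property.
    e = ET.Element(ENCRYPTED_ASSERTION)
    ET.SubElement(e, f"{{{NS['xenc']}}}EncryptedData").text = base64.b64encode(ET.tostring(assertion)).decode()
    return e


def decrypt_assertion(encrypted):
    return ET.fromstring(base64.b64decode(encrypted.findtext("xenc:EncryptedData", namespaces=NS)))


def assertion_choices(response):
    # Each Response child is a choice of Assertion or EncryptedAssertion; keep document order.
    return [c for c in response if c.tag in (ASSERTION, ENCRYPTED_ASSERTION)]


def vulnerable_broker(response):
    """Model of the flaw: the binding check covers plaintext assertions only."""
    response_signed = response.find("ds:Signature", NS) is not None
    choices = assertion_choices(response)
    if not choices:
        raise ValueError("no assertion in Response")
    if not response_signed:
        for c in choices:
            if c.tag == ASSERTION and not is_validly_signed(c):
                raise ValueError("unsigned plaintext assertion")
    first = choices[0]
    if first.tag == ENCRYPTED_ASSERTION:
        first = decrypt_assertion(first)  # decrypted and trusted without any signature check
    return name_id(first)


def hardened_broker(response):
    """Same binding applied after decryption, whichever form each assertion arrived in."""
    response_signed = response.find("ds:Signature", NS) is not None
    decrypted = [decrypt_assertion(c) if c.tag == ENCRYPTED_ASSERTION else c
                 for c in assertion_choices(response)]
    if not response_signed:
        for a in decrypted:
            if not is_validly_signed(a):
                raise ValueError(f"assertion for {name_id(a)} is not signed by the IdP")
    if len(decrypted) != 1:  # defensive choice of this example: one login, one assertion
        raise ValueError(f"expected exactly one assertion, got {len(decrypted)}")
    return name_id(decrypted[0])


def forged_response():
    # Constructed attacker payload: unsigned Response; an encrypted, unsigned assertion for
    # the victim comes first, and the attacker's genuinely signed assertion follows so the
    # plaintext-only check passes.
    r = ET.Element(f"{{{NS['samlp']}}}Response")
    r.append(encrypt_assertion(build_assertion("victim@example.com", signed=False)))
    r.append(build_assertion("attacker@example.com", signed=True))
    return r


def legitimate_response(encrypted):
    # Constructed IdP output: one signed assertion, optionally encrypted as well.
    r = ET.Element(f"{{{NS['samlp']}}}Response")
    a = build_assertion("alice@example.com", signed=True)
    r.append(encrypt_assertion(a) if encrypted else a)
    return r


def outcome(broker, response):
    try:
        return broker(response)
    except ValueError as exc:
        return f"rejected: {exc}"


def demo():
    return {
        "vulnerable/forged": outcome(vulnerable_broker, forged_response()),
        "hardened/forged": outcome(hardened_broker, forged_response()),
        "hardened/legit-plain": outcome(hardened_broker, legitimate_response(False)),
        "hardened/legit-encrypted": outcome(hardened_broker, legitimate_response(True)),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Running it shows the vulnerable path logging in `victim@example.com` from the forged Response, while the hardened path rejects it because the decrypted victim assertion carries no IdP signature, and still accepts the legitimate signed assertion in both plaintext and encrypted form. The point to carry over to any SAML consumer: decryption is a confidentiality step, and the origin check (signature on the Response or on each assertion after decryption) has to be applied to whatever the endpoint ultimately processes.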