GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance.
The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0
"An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, allowing



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/10/github-patches-critical-flaw-in.html