Summary
Acunetix 360 detected that the target application is vulnerable to an Retired hash function in SAML Response.
The web application uses SAML. The web application's SAML Consumer Service uses a retired hash function for the digital signature. An authenticated attacker may be able to use it to escalate privileges to a high privileged user or to takeover accounts of other users in the application.
Impact
Account takeover and/or privilege escalation
Remediation
Change the configuration of the SAML service to require a more secure hash function for the digital signature