Description
The web application uses SAML. The web application's SAML Consumer Service XML parser is vulnerable to XSLT injection.
XSLT (Extensible Stylesheet Language Transformations) is a language for transforming XML documents into other XML documents.
An unauthenticated attacker may be able to use it in order to read arbitrary files on the server or send requests to other servers (SSRF).
Remediation
Disable execution of arbitrary XSLT.