Description
The web application uses SAML. The web application's SAML Consumer Service is vulnerable to XSS due to lack of sanitization of values from SAMLResponse.
An unauthenticated attacker may be able to use it to attack other users.
Remediation
Apply context-dependent sanitization to SAMLResponse values rendered on a page