Greenhouse is aware of this vulnerability and has reviewed the impact against applications using SAML authentication.
Security researchers found a vulnerability in some SAML implementations that threat actors could use to bypass primary authentication, potentially elevating permissions or impersonating privileged accounts.
As Greenhouse already performs certain validation checks to prevent our systems from being exploited, Greenhouse customers are not at risk. For added layer of security, we will be updating our SAML libraries as soon as possible.
Due to validation checks performed on the NameID returned in SAML responses, this vulnerability could not be used to impersonate users belonging to other organizations. Additionally, organizations that do not allow employees to control the email address passed in the NameID field of the SAML response would not be vulnerable to any authorization flaws within their own organization.
*Next steps for Greenhouse customers*
No action is required by Greenhouse customers.
*Next steps being taken by Greenhouse*
Greenhouse is working to upgrade our SAML libraries to a patched version as soon as possible to ensure we are covered across all possible exploit vectors.
The SAML library upgrades are undergoing testing and we will notify customers once the patches have been released.