CVE-2025-23369 PoC — GitHub Enterprise Server 数据伪造问题漏洞

Source

https://github.com/hakivvi/CVE-2025-23369

Associated Vulnerability

Title:GitHub Enterprise Server 数据伪造问题漏洞 (CVE-2025-23369)
Description:GitHub Enterprise Server是美国GitHub开源的一个应用软件。提供一个将自己的GitHub实例设置为虚拟设备，从而提供可扩展，易于管理的平台。 GitHub Enterprise Server存在安全漏洞，该漏洞源于加密签名验证不当,允许未经授权的内部用户进行签名欺骗。

Description

GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit

Readme

# CVE-2025-23369

CVE-2025-23369 exploit, write up [here](https://repzret.blogspot.com/2025/02/abusing-libxml2-quirks-to-bypass-saml.html).

File Snapshot


 [4.0K]  /data/pocs/65dc078114382f5f1d021b547c4b20c23f383b79
├── [2.5K]  exploit.rb
└── [ 141]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!