Tivoli Federated Identity Manager could provide weaker than expected security, caused by improper validation of SAML message signature elements.Read more here… Read more...