We have received reports that LinkedIn has removed emails from their data export csv. We are currently working on a resolution. Time to resolution: 11/17/18.
Reports released today by Duo (third party link) show there are multiple vulnerabilities in SAML via the XML layer that could potentially be exploited to allow unauthenticated users access to a service like Teamable (in cases where customers are using SAML, e.g. OneLogin or Okta).
Okta also released a note (third party link) detailing how this exploit impacts those using the Okta service.
At Teamable, the security of your account and data is of paramount importance.
We have completed a rigorous review and have made the following impact assessment:
Okta customers are not impacted as the service we rely on, pysaml2, is not affected by this vulnerability.
For OneLogin customers, we have upgraded to python-saml v2.4.0 to patch for the vulnerability.
If you've encountered a problem and you need some help, please email firstname.lastname@example.org. This helps us to triage issues and make sure we don't miss anything important.