Hi!
Im researchingÂthe differentÂproblems with IdP initiated SAML and has come upon many sources that mention the problem with man in the middle vulnerability.Â
I understand that it is a problem. If an attacker can be between the browser and the SP when the response is sent, the attacker can take it and present it as his own.
But isnt this a problem in SP initiated as well? If the attacker can be between the browser and SP and the IdP and browser. It can intercept the response from the IdP and present it to SP. The response will correspond to the authnrequest sent for the original user.