I am using SAML2.0 authentication. For validating the SAML response XML from Okta, i make use of XSDs provided by Oasis SAML 2.0 specification. Everything works fine but when code base was scanned using fortify for security vulnerabilities, noted few issues with XSDs that it has week XML schema(Weak XML Schema : Type any/Undefined Namespace/Lax Processing) defined for few elements.
Has anybody faced such issue before on validating the SAML XML with XSD?