Описание
An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.
Ссылки
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.6.2 (исключая)
cpe:2.3:a:phpldapadmin_project:phpldapadmin:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00523
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
ubuntu
около 5 лет назад
An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.
CVSS3: 5.4
debian
около 5 лет назад
An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that a ...
github
больше 3 лет назад
An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.
EPSS
Процентиль: 66%
0.00523
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79