Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-9101

Опубликовано: 19 дек. 2024
Источник: nvd
EPSS Низкий

Описание

A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set.

Ссылки

EPSS

Процентиль: 55%
0.00325
Низкий

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2024-9101

ubuntu
около 1 года назад

A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set.

debian логотип

CVE-2024-9101

debian
около 1 года назад

A reflected cross-site scripting (XSS) vulnerability in the 'Entry Cho ...

github логотип

GHSA-6mpf-h5jc-fvrw

github
около 1 года назад

A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set.

fstec логотип

BDU:2025-16093

CVSS3: 5.8
fstec
около 1 года назад

Уязвимость веб-инструмента администрирования LDAP phpLDAPadmin, позволяющая нарушителю выполнить произвольный код

redos логотип

ROS-20251215-7308

CVSS3: 5.8
redos
около 1 месяца назад

Уязвимость phpldapadmin

EPSS

Процентиль: 55%
0.00325
Низкий

Дефекты

CWE-79