Описание
In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting (XSS) allows remote attackers to inject arbitrary web script or HTML (into the login page) via the tab parameter, for Choice authentication.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.21.0+ds-3 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| noble | needs-triage | |
| oracular | ignored | end of life, was needs-triage |
Показывать по
EPSS
7.2 High
CVSS3
Связанные уязвимости
In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting (XSS) allows remote attackers to inject arbitrary web script or HTML (into the login page) via the tab parameter, for Choice authentication.
In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting (XS ...
In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting (XSS) allows remote attackers to inject arbitrary web script or HTML (into the login page) via the tab parameter, for Choice authentication.
Уязвимость компонента Choice Authentication Module системы аутентификации для веб-приложений LemonLDAP::NG, позволяющая нарушителю проводить межсайтовые сценарные атаки
EPSS
7.2 High
CVSS3