发布于3月6日3月6日 Members Debian: CVE-2024-48933: lemonldap-ng -- security update Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/09/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set to a non-default value that allows special HTML characters. Solution(s) debian-upgrade-lemonldap-ng References https://attackerkb.com/topics/cve-2024-48933 CVE - 2024-48933 DLA-3979-1
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。