59 matches found
FusionDIrectory 跨站脚本漏洞
FusionDIrectory is a FusionDIrectory open source application. Used to ensure that the user's identity management security. A cross-site scripting vulnerability exists in Fusiondirectory version 1.3. The vulnerability stems from a lack of effective filtering and escaping of user-supplied data, whi...
PT-2022-23245 · Unknown · Fusiondirectory
Name of the Vulnerable Software and Affected Versions: Fusiondirectory version 1.3 Description: The issue is related to improper session handling. Recommendations: For Fusiondirectory version 1.3, at the moment, there is no information about a newer version that contains a fix for this issue...
CVE-2022-36179
Fusiondirectory 1.3 suffers from Improper Session Handling...
FusionDIrectory 代码问题漏洞
FusionDIrectory is an application of FusionDIrectory open source. Used to ensure that the user's identity management security. A security vulnerability exists in FusionDIrectory version 1.3, which stems from a failure to properly handle sessions and can be exploited by an attacker to potentially...
PT-2022-23247 · Unknown · Fusiondirectory
Name of the Vulnerable Software and Affected Versions: Fusiondirectory version 1.3 Description: The issue concerns a Cross Site Scripting XSS vulnerability. It can be exploited via several "API Endpoints": "/fusiondirectory/index.php?message=injection",...
CVE-2022-36179
Fusiondirectory 1.3 suffers from Improper Session Handling...
CVE-2022-36179
Fusiondirectory 1.3 suffers from Improper Session Handling...
CVE-2022-36180
Fusiondirectory 1.3 is vulnerable to Cross Site Scripting XSS via /fusiondirectory/index.php?message=injection, /fusiondirectory/index.php?message=invalidparameter&plug=Injection, /fusiondirectory/index.php?signout=1&message=injection&plug=106...
CVE-2022-36180
Fusiondirectory 1.3 is vulnerable to Cross Site Scripting XSS via /fusiondirectory/index.php?message=injection, /fusiondirectory/index.php?message=invalidparameter&plug=Injection, /fusiondirectory/index.php?signout=1&message=injection&plug=106...
CVE-2022-36180
FusionDirectory 1.3 is vulnerable to Cross-Site Scripting (XSS) via multiple endpoints: /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], and /fusiondirectory/index.php?signout=1&message=[injection]&plug=106. The CVE is CVE-2022-...
CVE-2022-36179
CVE-2022-36179 affects Fusiondirectory 1.3 and is due to Improper Session Handling. The connected advisories indicate a vulnerability in Fusiondirectory 1.3 requiring a package update; Mageia MGASA-2023-0352 notes updated fusiondirectory packages fix the issues, and Debian DLA-3487/DLA-3487-1 ref...
CVE-2022-36179
Fusiondirectory 1.3 suffers from Improper Session Handling...
CVE-2022-36180
Fusiondirectory 1.3 is vulnerable to Cross Site Scripting XSS via /fusiondirectory/index.php?message=injection, /fusiondirectory/index.php?message=invalidparameter&plug=Injection, /fusiondirectory/index.php?signout=1&message=injection&plug=106...
Debian DLA-1876-1 : gosa security update
In GOsa², an LDAP web-frontend written in PHP, a vulnerability was found that could theoretically have lead to unauthorized access to the LDAP database managed with FusionDirectory. LDAP queries' result status 'Success' checks had not been strict enough. The resulting output containing the...
Debian DLA-1875-1 : fusiondirectory security update
In FusionDirectory, an LDAP web-frontend written in PHP originally derived GOsa² 2.6.x, a vulnerability was found that could theoretically lead to unauthorized access to the LDAP database managed with FusionDirectory. LDAP queries' result status 'Success' checks had not been strict enough. The...
Debian: Security Advisory (DLA-1875-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1876-1] gosa security update
Package : gosa Version : 2.7.4+reloaded2-1+deb8u4 CVE ID : CVE-2019-11187 In GOsa², an LDAP web-frontend written in PHP, a vulnerability was found that could theoretically have lead to unauthorized access to the LDAP database managed with FusionDirectory. LDAP queries result status "Success" chec...
[SECURITY] [DLA 1875-1] fusiondirectory security update
Package : fusiondirectory Version : 1.0.8.2-5+deb8u2 CVE ID : CVE-2019-11187 In FusionDirectory, an LDAP web-frontend written in PHP originally derived GOsa² 2.6.x, a vulnerability was found that could theoretically lead to unauthorized access to the LDAP database managed with FusionDirectory. LD...
DLA-1875-1 fusiondirectory - security update
Bulletin has no description...