UBUNTU-CVE-2024-52947
A cross-site scripting XSS vulnerability in LemonLDAP::NG before 2.20.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter of the upgrade session confirmation page upgradeSession / forceUpgrade if the "Upgrade session" plugin has been enabled by an admin...