6 matches found
EUVD-2021-2275
Malware in sbrugna...
Thunderdome injection vulnerability
Thunderdome is an open source agile planning poker application with an interesting theme by Steven Weathers, an individual developer in the U.S. An injection vulnerability exists in Thunderdome, which stems from the LDAP authentication feature not properly escaping the provided username, and no...
CVE-2021-41232
Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...
CVE-2021-41232
Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...
CVE-2021-41232 Improper Neutralization of Special Elements used in an LDAP Query
Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...
CVE-2021-41232
Summary: Thunderdome is affected by an LDAP injection vulnerability in the LDAP authentication path due to improper escaping of the supplied username. The flaw impacts affected versions prior to patch release 1.16.3 and has been addressed in 1.16.3. If upgrading is not feasible, disable LDAP auth...