Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-2275

Malware in sbrugna...

9.8CVSS9.3AI score0.01467EPSS
Exploits0References6
CNVD
CNVD
added 2021/11/03 12:0 a.m.19 views

Thunderdome injection vulnerability

Thunderdome is an open source agile planning poker application with an interesting theme by Steven Weathers, an individual developer in the U.S. An injection vulnerability exists in Thunderdome, which stems from the LDAP authentication feature not properly escaping the provided username, and no...

9.8CVSS2.9AI score0.01467EPSS
Exploits0References1
NVD
NVD
added 2021/11/02 6:15 p.m.33 views

CVE-2021-41232

Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...

9.8CVSS0.01467EPSS
Exploits0References3
OSV
OSV
added 2021/11/02 6:15 p.m.12 views

CVE-2021-41232

Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...

9.8CVSS7.2AI score
Exploits0References3
Cvelist
Cvelist
added 2021/11/02 5:55 p.m.30 views

CVE-2021-41232 Improper Neutralization of Special Elements used in an LDAP Query

Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...

8.1CVSS9.9AI score0.01467EPSS
Exploits0References3
CVE
CVE
added 2021/11/02 5:55 p.m.54 views

CVE-2021-41232

Summary: Thunderdome is affected by an LDAP injection vulnerability in the LDAP authentication path due to improper escaping of the supplied username. The flaw impacts affected versions prior to patch release 1.16.3 and has been addressed in 1.16.3. If upgrading is not feasible, disable LDAP auth...

9.8CVSS9.1AI score0.01467EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder