[SECURITY] [DLA 1342-1] ldap-account-manager security update

Package : ldap-account-manager Version : 3.7-2+deb7u1 CVE ID : CVE-2018-8763 Michal Kedzior found two vulnerabilities in LDAP Account Manager, a web front-end for LDAP directories. CVE-2018-8763 The found Reflected Cross Site Scripting XSS vulnerability might allow an attacker to execute JavaScri...

[SECURITY] [DSA 4165-1] ldap-account-manager security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4165-1 [email protected] https://www.debian.org/security/ Luciano Bello April 03, 2018 https://www.debian.org/security/faq -...

CVE-2018-8763

CVE-2018-8763 affects LDAP Account Manager prior to 6.3, with a Reflected XSS via the dn parameter to templates/3rdParty/pla/htdocs/cmd.php or the cmd=rename_form parameter. The issue is documented across Debian security advisories (DSA-4165-1) and related OSS/Nessus references. Debian fixes: old...

LDAP Account Manager 6.2 Cross Site Scripting

Affected Software: LDAP Account Manager 6.2 Pentester: MichaA KAdzior CVE: CVE-2018-8763, CVE-2018-8764 Vulnerabilities : 1. Cross-site scripting reflected CVE-2018-8763 : ================================ Risk: HIGH Summary: Reflected Cross Site Scripting vulnerability has been found during the...