2 matches found
CVE-2021-41276
Tuleap CVE-2021-41276 affects the LDAP synchronization path. The issue arises when the search filter built from the ldap_id attribute is not properly sanitized, allowing a user with site administrator rights (or an LDAP operator able to create/modify accounts) to force updates to ldap_uid, potent...
CVE-2021-41276 Indirect LDAP injection in Tuleap
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldapid attribute of a user during the daily synchronization. A malicious user could force accounts to ...