CVE-2021-43834
CVE-2021-43834 affects eLabFTW. In versions prior to 4.2.0, an attacker can authenticate as an existing user when that user was created via single sign-on options (e.g., LDAP or SAML), impacting deployments that rely on SSO instead of the local password. Root cause: improper handling of SSO-authe...