6 matches found
CVE-2024-9101
A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...
CVE-2024-9101 phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php
A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...
CVE-2024-9101 phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php
A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...
CVE-2024-9101
Summary of CVE-2024-9101 : A reflected XSS in phpLDAPadmin’s “Entry Chooser” affects versions 1.2.1 through 1.2.6.7. The vulnerability arises from unsafely passing the user-controlled parameter “element” into JavaScript eval, with exploitation limited to conditions where the window opener is corr...
CVE-2024-9101 phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php
A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...
CVE-2024-9101
A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...