3 matches found
CVE-2022-23942
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure...
PT-2022-7409 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI affected versions not specified Description: The issue is related to an error in the configuration transfer to javascript in the GLPI system, where some entries are filtered out, but the ldap pass variable is not. This allows a remote...
The vulnerability of the FortiSIEM security management portal allows a attacker to execute a cross-site scripting attack.
The vulnerability of the FortiSIEM security management portal is related to the disclosure of the unencrypted LDAP server password. Exploiting this vulnerability could allow a malicious actor to perform a cross-site scripting attack remotely...