CVE-2024-48933

A cross-site scripting XSS vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set to a non-default value that allows special HTML characters...

LemonLDAP::NG 安全漏洞

LemonLDAP::NG is the LemonLDAP::NG open source suite of Web single sign-on and access management software. A security vulnerability exists in LemonLDAP::NG prior to version 2.19.3, which stems from a remote attacker being able to inject arbitrary Web script or HTML into the login page via a...