CVE-2021-41232

Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...

EUVD-2021-2275

Malware in sbrugna...

GO-2022-0939 Improper Neutralization of Special Elements used in an LDAP Query in stevenweathers/thunderdome-planning-poker in github.com/StevenWeathers/thunderdome-planning-poker

Improper Neutralization of Special Elements used in an LDAP Query in stevenweathers/thunderdome-planning-poker in github.com/StevenWeathers/thunderdome-planning-poker...

GHSA-26CM-QRC6-MFGJ Improper Neutralization of Special Elements used in an LDAP Query in stevenweathers/thunderdome-planning-poker

Impact LDAP injection vulnerability, only affects instances with LDAP authentication enabled. Patches Patch for vulnerability released with v1.16.3. Workarounds Disable LDAP feature if in use References OWASP LDAP Injection Prevention Cheat Sheet For more information If you have any questions or...

Thunderdome injection vulnerability

Thunderdome is an open source agile planning poker application with an interesting theme by Steven Weathers, an individual developer in the U.S. An injection vulnerability exists in Thunderdome, which stems from the LDAP authentication feature not properly escaping the provided username, and no...

CVE-2021-41232

Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...

CVE-2021-41232

Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...

Code injection

Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...

CVE-2021-41232

Summary: Thunderdome is affected by an LDAP injection vulnerability in the LDAP authentication path due to improper escaping of the supplied username. The flaw impacts affected versions prior to patch release 1.16.3 and has been addressed in 1.16.3. If upgrading is not feasible, disable LDAP auth...

Thunderdome 注入漏洞

Thunderdome is an open source agile planning poker application with an interesting theme by Steven Weathers, an individual developer in the U.S. An injection vulnerability exists in Thunderdome, which stems from the LDAP authentication feature not properly escaping the provided username, and no...

PT-2021-23204 · Unknown · Thunderdome

Name of the Vulnerable Software and Affected Versions: Thunderdome versions prior to 1.16.3 Description: The issue is related to an LDAP injection vulnerability that affects instances with LDAP authentication enabled. The provided username is not properly escaped, allowing for potential...