ARTICLE AD BOX
Published : Nov. 18, 2024, 6:15 a.m. | 24 minutes ago
Description : A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.20.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter of the upgrade session confirmation page (upgradeSession / forceUpgrade) if the "Upgrade session" plugin has been enabled by an admin
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...