CVE-2018-8763
MEDIUM6.1EPSS 0.45%ldap-account-manager - security update
發布日:2018/3/27修改日:2026/4/28
也稱為:DEBIAN-CVE-2018-8763
描述
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI.
受影響套件(3)
- Debian/ldap-account-managerfrom 0, < 6.3-1
- Debian/ldap-account-managerfrom 0, < 3.7-2+deb7u1
- Debian/ldap-account-managerfrom 0, < 4.7.1-1+deb8u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.1 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |