← back
CVE-2021-3027

CVE-2021-3027

EPSS 1.2%
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/LibrIT/passhport/commit/366b03f607729c4538e91b634ecc57c8398522a1https://github.com/LibrIT/passhport/pull/562https://jorgectf.gitlab.io/disclosure/cve-2021-3027/