← volver
CVE-2021-3027

CVE-2021-3027

EPSS 1.2%
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/LibrIT/passhport/commit/366b03f607729c4538e91b634ecc57c8398522a1https://github.com/LibrIT/passhport/pull/562https://jorgectf.gitlab.io/disclosure/cve-2021-3027/