← voltar
CVE-2021-3027

CVE-2021-3027

EPSS 1.2%
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/LibrIT/passhport/commit/366b03f607729c4538e91b634ecc57c8398522a1https://github.com/LibrIT/passhport/pull/562https://jorgectf.gitlab.io/disclosure/cve-2021-3027/