Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI.
CPE | Name | Operator | Version |
---|---|---|---|
lam | eq | lam_6_2_RC1 | |
lam | eq | lam_6_0_RC1 | |
lam | eq | lam_6_1_RC1 | |
lam | eq | lam_6_2 | |
lam | eq | lam_5_6_RC1 | |
lam | eq | lam_5_7 | |
lam | eq | lam_6_3_RC1 | |
lam | eq | lam_5_5_RC1 | |
lam | eq | lam_6_0_RC2 | |
lam | eq | lam_6_0 |