lib/modules.inc in LDAP Account Manager (LAM) prior to 1.3.0 does not escape HTML special characters in LDAP data, which allows remote malicious users to have an unknown impact, probably cross-site scripting (XSS).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ldap account manager ldap account manager |