Roland Gruber Softwareentwicklung LDAP Account Manager prior to 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote malicious users to defeat a CSRF protection mechanism by leveraging logging.
Vulnerable Product |
---|
debian debian linux 9.0 |
debian debian linux 8.0 |
ldap-account-manager ldap account manager |
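
An added example (not part of the advisory or of LDAP Account Manager's code): a scrubber that finds and masks `sec_token` values in combined-format web access logs, where a token carried in the URI shows up both in the request line and in the logged Referer of later requests. The sample log lines, host name and paths are constructed placeholders.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

PARAM = "sec_token"  # parameter name from the advisory text

# Apache/nginx "combined" format: request line, status, size, Referer, UA.
LINE_RE = re.compile(
    r'^(?P<pre>\S+ \S+ \S+ \[[^\]]+\] ")(?P<method>[A-Z]+) (?P<target>\S+) '
    r'(?P<proto>[^"]+)(?P<mid>" \d{3} \S+ ")(?P<referer>[^"]*)(?P<post>" "[^"]*")$'
)
FALLBACK_RE = re.compile(r'(\b' + PARAM + r'=)[^&\s"]+')

def redact_url(url):
    """Mask the token value in a URL; return (url, token_was_present)."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    if not any(k == PARAM for k, _ in pairs):
        return url, False
    masked = [(k, "REDACTED" if k == PARAM else v) for k, v in pairs]
    return urlunsplit(parts._replace(query=urlencode(masked))), True

def scan(lines):
    """Return (scrubbed_lines, findings); findings are (line_no, field)."""
    out, findings = [], []
    for n, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if not m:  # unknown layout: mask by pattern, report as "raw"
            scrubbed, count = FALLBACK_RE.subn(r"\1REDACTED", line)
            findings += [(n, "raw")] * bool(count)
            out.append(scrubbed)
            continue
        target, in_request = redact_url(m["target"])
        referer, in_referer = redact_url(m["referer"])
        findings += [(n, "request")] * in_request + [(n, "referer")] * in_referer
        out.append(f'{m["pre"]}{m["method"]} {target} {m["proto"]}'
                   f'{m["mid"]}{referer}{m["post"]}')
    return out, findings

SAMPLE = [  # constructed log lines; paths and host are placeholders
    '192.0.2.10 - - [01/Jan/2018:10:00:00 +0000] "GET /app/page.php?type=user&sec_token=4f2a9c HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Jan/2018:10:00:02 +0000] "GET /app/style.css HTTP/1.1" 200 90 "https://lam.example/app/page.php?sec_token=4f2a9c" "Mozilla/5.0"',
    '192.0.2.11 - - [01/Jan/2018:10:00:05 +0000] "POST /app/login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    'app debug: redirect to /app/page.php?sec_token=4f2a9c',
]

if __name__ == "__main__":
    scrubbed, found = scan(SAMPLE)
    print("\n".join(scrubbed))
    print(found)
```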