CVE-2024-52947
18.11.2024, 06:15
A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.20.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter of the upgrade session confirmation page (upgradeSession / forceUpgrade) if the "Upgrade session" plugin has been enabled by an admin
Awaiting analysis
This vulnerability is currently awaiting analysis.
Debian Releases
Ubuntu Releases