CVE-2021-3027
N/A
N/A
Summary
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://jorgectf.gitlab.io/disclosure/cve-2021-3027/
- https://github.com/LibrIT/passhport/pull/562
- https://github.com/LibrIT/passhport/commit/366b03f607729c4538e91b634ecc57c8398522a1
References
- https://jorgectf.gitlab.io/disclosure/cve-2021-3027/
- https://github.com/LibrIT/passhport/pull/562
- https://github.com/LibrIT/passhport/commit/366b03f607729c4538e91b634ecc57c8398522a1
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.