MidnightBSD

Advisories for web2ldap

CVE-2013-7258 MEDIUM

Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "displaying group DN and entry data in group administration UI."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
web2ldap web2ldap 1.1.45
web2ldap web2ldap 1.1.46
web2ldap web2ldap 1.1.43
web2ldap web2ldap 1.1.44
web2ldap web2ldap *
web2ldap web2ldap 1.1.41
web2ldap web2ldap 1.1.42
web2ldap web2ldap 1.1.40
web2ldap web2ldap 1.1.47