Vulnerability CVE-2024-48933


Published: 2024-10-09   Modified: 2024-10-10

Description:
A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set to a non-default value that allows special HTML characters.

 References:
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3232

Copyright 2026, cxsecurity.com

 

Back to Top