vulnerability
Ubuntu: (CVE-2018-8763): ldap-account-manager vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Mar 27, 2018 | Jun 26, 2025 | Jun 26, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Mar 27, 2018
Added
Jun 26, 2025
Modified
Jun 26, 2025
Description
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI.
Solution
no-fix-ubuntu-package
References
- CVE-2018-8763
- https://attackerkb.com/topics/CVE-2018-8763
- URL-https://github.com/LDAPAccountManager/lam/commit/16fc7f7e8603c5cb7c129cfbf97fc572b9b8740c
- URL-https://github.com/LDAPAccountManager/lam/commit/d4f0d6db966af4dd7d83c978125635f03895b81a
- URL-https://github.com/LDAPAccountManager/lam/commit/f1d7aec5fc4aaf516e1d8a6f0eb3082050553302
- URL-https://www.cve.org/CVERecord?id=CVE-2018-8763
- URL-https://www.ldap-account-manager.org/lamcms/node/354
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.