Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 21 Oct 2013 23:16:47 +0200
From: Salvatore Bonaccorso <>
Subject: CVE Request: LDAP Account Manager XSS in login.php

Hi Kurt,

Eric Sesterhenn discovered a XSS vulnerability in login.php of
LDAP Account Manager and reported this to the Debian BTS[1]. It
requires to send malicious data via POST.


Upstream Bugreport:


Upstream also has already commited fixes to the VCS:


Could you please assign a CVE for this issue?


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.