[3.7] phpldapadmin: XSS in htdocs/entry_chooser.php (CVE-2017-11107)
phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter.
(from redmine: issue id 7510, created on 2017-07-12, closed on 2017-08-23)
- parent #7509 (closed)
- Revision 2a7e0c30 by Natanael Copa on 2017-08-22T19:13:09Z:
main/phpldapadmin: secfix for CVE-2017-11107 fixes #7510
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information