[3.6] phpldapadmin: XSS in htdocs/entry_chooser.php (CVE-2017-11107)
phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter.
(from redmine: issue id 7511, created on 2017-07-12, closed on 2017-08-23)
- parent #7509 (closed)
- Revision 34a4911e by Natanael Copa on 2017-08-22T19:14:06Z:
main/phpldapadmin: secfix for CVE-2017-11107 fixes #7511
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information