cleantalk
Vulnerabilities and Security Researches

Active Directory Integration / LDAP Integration, f9fd62f7-e086-43cc-b08b-5e04d8723c91

CVE, Research URL

f9fd62f7-e086-43cc-b08b-5e04d8723c91

Home page URL

Security reports for Active Directory Integration / LDAP Integration

Application

Active Directory Integration / LDAP Integration

Published on
-
Research Description
Active Directory Integration / LDAP Integration [ldap-login-for-intranet-sites] < 3.6.95 Active Directory Integration / LDAP Integration &lt; 3.6.95 - Reflected Cross-Site Scripting The plugin does not escape the test_username parameter before outputting it back in the settings page, leading to a Reflected Cross-Site Scripting issue
Affected versions
max 3.6.95.
Status
vulnerable
Previous vulnerability researches
Active Directory Integration / LDAP Integration (73fb15a136e15a515041cfb4999569743d9b04e9) , Jun 07, 2024
Active Directory Integration / LDAP Integration (CVE-2023-2484) , Jun 07, 2024
Active Directory Integration / LDAP Integration (CVE-2023-2599) , Jun 07, 2024
Active Directory Integration / LDAP Integration (CVE-2023-5003) , Jun 07, 2024
Active Directory Integration / LDAP Integration (CVE-2023-0812) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026