Advisories » MGASA-2017-0270

Updated phpldapadmin packages fix security vulnerability

Publication date: 15 Aug 2017
Modification date: 15 Aug 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-11107

Description

phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the
form, element, rdn, or container parameter (CVE-2017-11107).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21370
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/32G6FKD3IJA6ARX774VQKNCVAH6VF4AX/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11107

SRPMS

5/core

• phpldapadmin-1.2.3-5.1.mga5

6/core

• phpldapadmin-1.2.3-7.1.mga6