VDB
CVE-2018-8763
CVE-2018-8763
PUBLISHED
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI.
EPSS 0.45% · 63.9th percentile
Risk Scores
EPSS Score
0.45%
63.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | ldap-account-manager | 0, 6.1-1, 6.2-1 |
| Ubuntu:16.04:LTS | ldap-account-manager | 0, 4.9-1, 5.1-1 |
Exploit Intelligence
Timeline
- Mar 27, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2018-8763 third-party-advisory
- https://github.com/LDAPAccountManager/lam/commit/f1d7aec5fc4aaf516e1d8a6f0eb3082050553302 third-party-advisory
- https://github.com/LDAPAccountManager/lam/commit/16fc7f7e8603c5cb7c129cfbf97fc572b9b8740c third-party-advisory
- https://github.com/LDAPAccountManager/lam/commit/d4f0d6db966af4dd7d83c978125635f03895b81a third-party-advisory
- https://www.ldap-account-manager.org/lamcms/node/354 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-8763 third-party-advisory