Debian: DSA-5897-1 critical: lemonldap-ng cross-site scripting threat

Apr08
by Ike on April 8, 2025 at 5:55 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Advisory for Lemonldap::NG Security

A cross-site scripting vulnerability has been discovered in Lemonldap::NG, a Web-SSO system compatible with OpenID-Connect, CAS and SAML, when using the “Choice” module: It permits to introduce HTML code into the login page and if the default Content-Security-Policy headers

└ Tags: