Vulnerabilities > Miniorange > Ldap Integration With Active Directory AND Openldap > 5.0.2

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-17	CVE-2023-23749	Injection vulnerability in Miniorange Ldap Integration With Active Directory and Openldap 5.0.2 The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since is not properly sanitizing the 'username' POST parameter. network low complexity miniorange CWE-74	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.