Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Directory Studio和Apache Directory Studio 命令注入漏洞
Vulnerability Description
Apache LDAP Studio和Apache Directory Studio都是美国阿帕奇(Apache)软件基金会所研发的用来连接到任何LDAP服务器并进行管理和开发的LDAP工具平台。 Apache LDAP Studio和Apache Directory Studio 2.0.0-M10之前版本的CSV导出中存在安全漏洞,该漏洞源于程序没有正确跳过特定的字段值。攻击者可借助在导出到电子表格时被解析为公式的LDAP条目利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A