Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
mod_auth_ldap 安全漏洞
Vulnerability Description
mod_auth_ldap和mod_auth_ldap2 2020-01-27及之前版本(用于Prosody)中存在安全漏洞,该漏洞源于程序没有正确验证发送给‘is_admin()’函数的XMPP地址。远程攻击者可利用该漏洞访问仅管理员可访问的功能。
CVSS Information
N/A
Vulnerability Type
N/A