{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "32" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "33" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "1.2.6.2" } ] }, "events": [ { "introduced": "0" }, { "fixed": "a8fe6f32743d9db7a0de38fa21d71e61ae0b6a52" } ], "repo": "https://github.com/leenooks/phpLDAPadmin", "type": "GIT" }, { "events": [ { "introduced": "0" }, { "fixed": "c87571f6b7be15d5cd8b26381b6eb31ad03d28e2" } ], "repo": "https://github.com/leenooks/phpldapadmin", "type": "GIT" } ] } ], "details": "An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.", "id": "CVE-2020-35132", "modified": "2026-03-15T21:45:07.284390068Z", "published": "2020-12-11T05:15:12.950Z", "references": [ { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6PZH3EY2T66N2MGOA7DWCAIVYIJH4BC/" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XA42XDSUPCOXL5ZCP5RGD3FD4JQQWNX/" }, { "type": "REPORT", "url": "https://bugs.launchpad.net/ubuntu/+source/phpldapadmin/+bug/1906474" }, { "type": "REPORT", "url": "https://github.com/leenooks/phpLDAPadmin/issues/130" }, { "type": "FIX", "url": "https://github.com/leenooks/phpLDAPadmin/commit/c87571f6b7be15d5cd8b26381b6eb31ad03d28e2" }, { "type": "FIX", "url": "https://github.com/leenooks/phpLDAPadmin/compare/1.2.5...1.2.6.2" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }