Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:prosody:mod_auth_ldap:2020-01-27:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-8086 |
The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin. Published: January 28, 2020; 12:15:12 PM -0500 |
V3.1: 9.8 CRITICAL V2.0: 6.8 MEDIUM |