Lack of URL normalization may lead to authorization bypass when URL access rules are used

High
guimard published GHSA-x44x-r84w-8v67 Sep 9, 2020

Package

lemonldap-ng-handler (npm)

Affected versions

< 0.5.1

Patched versions

0.5.2

Description

Impact

When access rules are used inside a protected host, some URL encodings may bypass the filtering system.
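
Added example, not part of the advisory and not lemonldap-ng-handler code: a generic sketch of why rules matched against the raw request path misclassify equivalent encodings, and how normalizing first and failing closed avoids it. The rules, paths, user object and function names are constructed for illustration; the actual patch in 0.5.2 may differ.

```javascript
'use strict';
// Hypothetical access rules for one protected host (constructed for this example).
// The first matching rule wins; defaultRule applies when nothing matches.
const rules = [
  { pattern: /^\/admin(\/|$)/, allow: (user) => user.groups.includes('admins') },
  { pattern: /^\/public\//, allow: () => true },
];
const defaultRule = (user) => Boolean(user.uid);

// Canonicalise a request path before any rule sees it: decode percent-escapes
// once, collapse duplicate slashes, resolve "." and "..". Returns null if unsafe.
function normalizePath(rawPath) {
  let decoded;
  try {
    decoded = decodeURIComponent(rawPath.split('?')[0]);
  } catch (e) {
    return null; // malformed percent-encoding
  }
  // Reject NUL, backslash, and anything still percent-encoded (double encoding).
  if (/[\0\\]/.test(decoded) || /%[0-9a-f]{2}/i.test(decoded)) return null;
  const out = [];
  for (const seg of decoded.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') {
      if (out.length === 0) return null; // would climb above the root
      out.pop();
    } else {
      out.push(seg);
    }
  }
  const trailing = decoded.endsWith('/') && out.length ? '/' : '';
  return '/' + out.join('/') + trailing;
}

function authorize(rawPath, user, { normalize }) {
  const path = normalize ? normalizePath(rawPath) : rawPath;
  if (path === null) return false; // fail closed on paths that cannot be normalized
  const rule = rules.find((r) => r.pattern.test(path));
  return rule ? rule.allow(user) : defaultRule(user);
}

const user = { uid: 'alice', groups: ['staff'] }; // authenticated, not an admin
// Constructed paths; a backend that normalizes would serve 2-4 as /admin/users.
const samples = ['/admin/users', '/%61dmin/users', '/public/../admin/users',
  '//admin/users', '/public/doc.html'];
function compare() {
  return samples.map((path) => ({ path, raw: authorize(path, user, { normalize: false }),
    normalized: authorize(path, user, { normalize: true }) }));
}
console.table(compare());
```

Only the normalized column gives the same decision for every spelling of `/admin/users`; the raw column falls through to the default or `/public/` rule for the encoded variants.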

Patches

Version 0.5.2 includes a patch that fixes the vulnerability.

Workarounds

There is no way for users to fix or remediate the vulnerability without upgrading.

References

https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2290

For more information

If you have any questions or comments about this advisory:

Severity

High

CVE ID

CVE-2020-24660

Weaknesses

No CWEs