๐ CVE-2020-24660
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: web.nvd.nist.gov
An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package. ...