Filtered by vendor Prosody Subscriptions
Filtered by product Mod Auth Ldap Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-8086 2 Debian, Prosody 3 Debian Linux, Mod Auth Ldap, Mod Auth Ldap2 2024-11-21 9.8 Critical
The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin.