Description
Redash 8.0.0 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided template since the username included in the search filter lacks sanitization.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2020-23722 | Redash 8.0.0 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided template since the username included in the search filter lacks sanitization. |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T17:23:09.039Z
Reserved: 2021-01-04T00:00:00.000Z
Link: CVE-2020-36144
No data.
Status : Modified
Published: 2021-03-18T20:15:13.020
Modified: 2026-06-17T03:14:50.413
Link: CVE-2020-36144
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
EUVD