app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP injection. The login value submitted to the login form is placed into the LDAP search filter without any sanitization, so an attacker can craft a value that escapes the intended filter and turns the lookup into a query of their choosing, leaking information from the directory.
- Additional Information
Repo link: https://github.com/LibrIT/passhport
- Vulnerability Type
CWE-090: LDAP Injection
- Vendor of Product
LibrIT
- Affected Product Code Base
passhport - <= Grive
- Affected Component
passhportd/app/views_mod/user/user.py -> (line 77) login = request.form["login"] -> (line 85) result = try_login(login, password) -> (line 66) return try_ldap_login(login, password) -> (line 51) uid = useruid(s, login) -> (line 29) login not sanitized
- Attack Vectors
To exploit this vulnerability an attacker submits a login value containing LDAP filter metacharacters (for example * or parentheses). Because the value is interpolated into the search filter unescaped, these characters keep their filter meaning and let the attacker escape the intended filter and widen or redirect the search.
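The following is an added example, not PaSSHport's own code: it shows the injection pattern the advisory describes (a form value dropped straight into a (uid=...) filter) next to the same lookup with RFC 4515 escaping applied, and runs both against a small constructed in-memory directory so the difference is visible offline. The filter shape, the helper names and the sample entries are assumptions made for the example.

```python
import re

# RFC 4515: these characters must be hex-escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_chars(value: str) -> str:
    """Escape a user-supplied value for use inside an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_uid_filter_vulnerable(login: str) -> str:
    """Pattern the advisory describes: the form field lands in the filter unchanged."""
    return "(uid=%s)" % login


def build_uid_filter_safe(login: str) -> str:
    """Same lookup with the value escaped, so metacharacters lose their meaning."""
    return "(uid=%s)" % escape_filter_chars(login)


# Constructed sample directory standing in for the LDAP server (not real data).
DIRECTORY = [
    {"uid": "alice", "mail": "alice@example.test"},
    {"uid": "bob", "mail": "bob@example.test"},
    {"uid": "svc-backup", "mail": "backup@example.test"},
]

# Only the single (attr=value) form with '*' wildcards is evaluated here, which
# is all the lookup above ever produces. Parentheses inside the value are
# rejected, as a real server rejects the malformed filter they create.
_FILTER_RE = re.compile(r"^\((\w+)=([^()]*)\)$")


def _unescape(text: str) -> str:
    """Turn RFC 4515 backslash-hex sequences back into literal characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), text)


def search(directory, ldap_filter: str):
    """Tiny filter evaluator: an unescaped '*' is a wildcard, escaped bytes are literals."""
    m = _FILTER_RE.match(ldap_filter)
    if not m:
        raise ValueError("malformed filter: %r" % ldap_filter)
    attr, pattern = m.groups()
    parts = [re.escape(_unescape(p)) for p in pattern.split("*")]
    regex = re.compile("^" + ".*".join(parts) + "$", re.DOTALL)
    return [e for e in directory if attr in e and regex.match(e[attr])]


def matching_uids(login: str, safe: bool):
    """Run one login value through the vulnerable or the escaped lookup; None means the server refused the filter."""
    build = build_uid_filter_safe if safe else build_uid_filter_vulnerable
    try:
        return [e["uid"] for e in search(DIRECTORY, build(login))]
    except ValueError:
        return None


if __name__ == "__main__":
    for login in ["alice", "*", "svc-*", "alice)(mail=*"]:
        print("%-16r vulnerable=%-32r safe=%r"
              % (login, matching_uids(login, False), matching_uids(login, True)))
```

A login of "*" makes the unescaped lookup match every entry (the information leak), and "svc-*" enumerates accounts by prefix; with escaping, both become literal strings that match nothing. In production code the escaping helper should come from the LDAP library in use: python-ldap provides ldap.filter.escape_filter_chars and ldap3 provides ldap3.utils.conv.escape_filter_chars.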