Vulnerability in Lemonldap-ng Lemonldap\

CVE-2012-6426

LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data.

EPSS: 0.016 (72.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References