{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9101", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "state": "PUBLISHED", "assignerShortName": "NCSC.ch", "dateReserved": "2024-09-23T13:40:38.311Z", "datePublished": "2024-12-19T13:41:06.610Z", "dateUpdated": "2024-12-20T20:20:24.165Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/leenooks/phpLDAPadmin/releases", "defaultStatus": "affected", "platforms": ["All platforms supporting phpLDAPadmin"], "product": "phpLDAPadmin", "programFiles": ["htdocs/entry_chooser.php"], "repo": "https://github.com/leenooks/phpLDAPadmin", "vendor": "phpLDAPadmin", "versions": [{"status": "affected", "version": "1.2.1"}, {"status": "affected", "version": "1.2.6.7"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Andreas Pfefferle, Redguard AG"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set."}], "value": "A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Allows execution of arbitrary JavaScript in the user's browser."}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2024-12-19T13:41:06.610Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.redguard.ch/blog/2024/12/19/security-advisory-phpldapadmin/"}, {"url": "https://github.com/leenooks/phpLDAPadmin/commit/f713afc8d164169516c91b0988531f2accb9bce6#diff-c2d6d7678ada004e704ee055169395a58227aaec86a6f75fa74ca18ff49bca44R27"}, {"url": "https://github.com/leenooks/phpLDAPadmin/blob/master/htdocs/entry_chooser.php"}, {"url": "https://sourceforge.net/projects/phpldapadmin/files/phpldapadmin-php5/1.2.1/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "It is recommended to avoid using the <tt>eval()</tt> function, especially in combination with user-supplied input. Instead of using <tt>eval()</tt>, it is advised to access the DOM element directly in a safe manner.<br>"}], "value": "It is recommended to avoid using the eval() function, especially in combination with user-supplied input. Instead of using eval(), it is advised to access the DOM element directly in a safe manner."}], "source": {"discovery": "EXTERNAL"}, "title": "phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-20T20:20:12.468228Z", "id": "CVE-2024-9101", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-20T20:20:24.165Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9101", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-12-20T20:20:12.468228Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-20T20:20:19.287Z"}}], "cna": {"title": "phpLDAPadmin: Reflected Cross-Site Scripting in entry_chooser.php", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Andreas Pfefferle, Redguard AG"}], "impacts": [{"descriptions": [{"lang": "en", "value": "Allows execution of arbitrary JavaScript in the user's browser."}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/leenooks/phpLDAPadmin", "vendor": "phpLDAPadmin", "product": "phpLDAPadmin", "versions": [{"status": "affected", "version": "1.2.1"}, {"status": "affected", "version": "1.2.6.7"}], "platforms": ["All platforms supporting phpLDAPadmin"], "programFiles": ["htdocs/entry_chooser.php"], "collectionURL": "https://github.com/leenooks/phpLDAPadmin/releases", "defaultStatus": "affected"}], "solutions": [{"lang": "en", "value": "It is recommended to avoid using the eval() function, especially in combination with user-supplied input. Instead of using eval(), it is advised to access the DOM element directly in a safe manner.", "supportingMedia": [{"type": "text/html", "value": "It is recommended to avoid using the <tt>eval()</tt> function, especially in combination with user-supplied input. Instead of using <tt>eval()</tt>, it is advised to access the DOM element directly in a safe manner.<br>", "base64": false}]}], "references": [{"url": "https://www.redguard.ch/blog/2024/12/19/security-advisory-phpldapadmin/", "tags": ["third-party-advisory"]}, {"url": "https://github.com/leenooks/phpLDAPadmin/commit/f713afc8d164169516c91b0988531f2accb9bce6#diff-c2d6d7678ada004e704ee055169395a58227aaec86a6f75fa74ca18ff49bca44R27"}, {"url": "https://github.com/leenooks/phpLDAPadmin/blob/master/htdocs/entry_chooser.php"}, {"url": "https://sourceforge.net/projects/phpldapadmin/files/phpldapadmin-php5/1.2.1/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set.", "supportingMedia": [{"type": "text/html", "value": "A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2024-12-19T13:41:06.610Z"}}}, "cveMetadata": {"cveId": "CVE-2024-9101", "state": "PUBLISHED", "dateUpdated": "2024-12-20T20:20:24.165Z", "dateReserved": "2024-09-23T13:40:38.311Z", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "datePublished": "2024-12-19T13:41:06.610Z", "assignerShortName": "NCSC.ch"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' function. However, exploitation is limited to specific conditions where 'opener' is correctly set."}], "id": "CVE-2024-9101", "lastModified": "2024-12-19T14:15:06.147", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "subsequentSystemConfidentiality": "LOW", "subsequentSystemIntegrity": "LOW", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "LOW", "vulnerableSystemConfidentiality": "LOW", "vulnerableSystemIntegrity": "LOW"}, "source": "vulnerability@ncsc.ch", "type": "Secondary"}]}, "published": "2024-12-19T14:15:06.147", "references": [{"source": "vulnerability@ncsc.ch", "url": "https://github.com/leenooks/phpLDAPadmin/blob/master/htdocs/entry_chooser.php"}, {"source": "vulnerability@ncsc.ch", "url": "https://github.com/leenooks/phpLDAPadmin/commit/f713afc8d164169516c91b0988531f2accb9bce6#diff-c2d6d7678ada004e704ee055169395a58227aaec86a6f75fa74ca18ff49bca44R27"}, {"source": "vulnerability@ncsc.ch", "url": "https://sourceforge.net/projects/phpldapadmin/files/phpldapadmin-php5/1.2.1/"}, {"source": "vulnerability@ncsc.ch", "url": "https://www.redguard.ch/blog/2024/12/19/security-advisory-phpldapadmin/"}], "sourceIdentifier": "vulnerability@ncsc.ch", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "vulnerability@ncsc.ch", "type": "Secondary"}]}

{}

{}