A phpldapadmin security update has been released for Debian GNU/Linux 8 Extended LTS to address an XSS security vulnerability.
ELA-502-1 phpldapadmin security update
Package phpldapadmin
ELA-502-1 phpldapadmin security update
Version 1.2.2-5.2+deb8u2
Related CVEs CVE-2020-35132
An XSS security vulnerability has been discovered in phpLDAPadmin, a web based interface for administering LDAP servers, that allows users to store malicious values that may be executed by other users at a later time.
For Debian 8 jessie, these problems have been fixed in version 1.2.2-5.2+deb8u2.
We recommend that you upgrade your phpldapadmin packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
