Download
| Alert*
ALAS2-2020-1381 --- 389-ds-base
A flaw was found in the "deref" plugin of 389-ds-base where it could use the "search" permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes
|