Skip to content

Access Control: PHP LDAP Admin < 1.2.5 - Cross-Site Scripting

Identifier: phpldapadmin_xss

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

PHP LDAP Admin < 1.2.5 is vulnerable to cross-site scripting, allowing attackers to execute arbitrary scripts.

How we test: We test for XSS vulnerabilities in PHP LDAP Admin by injecting malicious payloads and analyzing responses to detect if scripts are executed in the browser.

Reference:

Configuration

Example

Example configuration:

---
security_tests:
  phpldapadmin_xss:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.