9Eki
CVE-2024-45160 | LemonLDAP::NG up to 2.19.1 OAuth2 Client Authentication client_password improper authentication (ID 3223)
A vulnerability was found in LemonLDAP::NG up to 2.19.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component OAuth2 Client Authentication. The manipulation of the argument client_password leads to improper authentication. This vulnerability is known as CVE-2024-45160. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.