Release notes for Joomla LDAP (version 6.0.0)
Project: miniOrange LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login
Date: 1 January 2023
Vulnerability: Risk of LDAP Injection
Affected versions:< 6.0.0
Description: Updated 2023-01-05 12:00 IST
miniOrange LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login provides login to Joomla site using credentials stored in your LDAP Server. A vulnerability was pointed out that could cause a risk of information leakage and we keep the details of the security fix private to ensure that users of older versions are not impacted.
This issue is mitigated by the fact the risks of any LDAP Injection or any type of attack on the Active Directory including the alteration or retrieval of any data from the Active Directory have been prevented.
Install the latest version:
miniOrange Joomla Team