Inverse · Packetfence · CVE-2011-4069
**Name of the Vulnerable Software and Affected Versions**
PacketFence versions prior to 3.0.2
**Description**
The issue allows remote attackers to conduct LDAP injection attacks, which can lead to authentication bypass via a crafted `username`. This is related to the `html/admin/login.php` file.
**Recommendations**
For versions prior to 3.0.2, update to version 3.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `html/admin/login.php` file until the update is applied.