Dayana

**Name of the Vulnerable Software and Affected Versions** Crowd versions prior to 3.4.6 Crowd versions 3.5.0 through 3.5.0 **Description** Upgrading Crowd via XML Data Transfer can reactivate a disabled user from OpenLDAP. **Recommendations** For versions prior to 3.4.6, update to version 3.4.6 or later. For version 3.5.0, update to version 3.5.1 or later.