Cesnet · Perun · CVE-2020-5281
**Name of the Vulnerable Software and Affected Versions**
Perun versions prior to 3.9.1
**Description**
The issue allows a VO or group manager to modify the configuration of the LDAP extSource to retrieve all data from Perun LDAP. This is resolved in version 3.9.1 by sanitizing the input.
**Recommendations**
For versions prior to 3.9.1, update to version 3.9.1 to fix the issue by sanitizing the input.