CVE-2011-0643

Name of the Vulnerable Software and Affected Versions phpLD version 4.1.0

Description A cross-site request forgery (CSRF) issue exists, allowing remote attackers to hijack the authentication of administrators for requests that add an administrator via the N action. This occurs in the admin/conf users edit.php file.

Recommendations For phpLD version 4.1.0, as a temporary workaround, consider restricting access to the admin/conf users edit.php file until a patch is available. Additionally, avoid using the affected functionality to add administrators via the N action until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.