PT-2024-5224 · Unknown+1 · Phpldapadmin+1

Mhuertos · Published 2024-07-10 · Updated 2024-07-19 · CVE-2016-15039

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38
Description: A critical vulnerability was found in the function makeHttpRequest of the file htdocs/js/ajax_functions.js, which can lead to HTTP request smuggling. The attack can be launched remotely. This issue is related to inconsistent interpretation of HTTP requests.
Recommendations: Apply the patch named dd6e9583a2eb2ca085583765e8a63df5904cb036 to fix this issue. As a temporary workaround, consider disabling the makeHttpRequest function until the patch is applied.

Fix

HTTP Request/Response Smuggling

Weakness Enumeration

Related Identifiers

BDU:2024-05788
CVE-2016-15039

Affected Products

Red Os
Phpldapadmin