All incidents

PBL-09 Security audit results

Introduction

Vulnerabilities summary

IDProjectIssue nameSeverityStatus
PBL-09-001APILDAP injection via custom group/user filtersLowMitigated in v4.1.3
PBL-09-002APIMitigate arbitrary LDAP data exfiltration via fields_mappingMediumMitigated in v4.1.3

Current status:

1. Acknowledge issue with reporter
2. Get a fix/patch prepared
3. Release new version
4. Prepare a report about the issue
5. Feature the problem in the release
Last updated: 2023-09-11 00:00:00 CET
Flag of European UnionMade in Europe. Privacy by default.
Passbolt Security Incident Report: audit - September 11th, 2023