| Bug | Description |
|---|
| CVE-2025-31510 | XSS/HTML Injection through tab parameter when using "Choice" authentication module |
| CVE-2024-52947 | A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.2 ... |
| CVE-2024-52946 | An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Ch ... |
| CVE-2024-48933 | A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.1 ... |
| CVE-2024-45160 | Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x bef ... |
| CVE-2023-44469 | A Server-Side Request Forgery issue in the OpenID Connect Issuer in Le ... |
| CVE-2023-28862 | An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session I ... |
| CVE-2022-37186 | In LemonLDAP::NG before 2.0.15. some sessions are not deleted when the ... |
| CVE-2021-40874 | An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. Wh ... |
| CVE-2021-35473 | An issue was discovered in LemonLDAP::NG before 2.0.12. There is a mis ... |
| CVE-2021-35472 | An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache ... |
| CVE-2020-24660 | An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is ... |
| CVE-2020-16093 | In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.5 ... |
| CVE-2019-19791 | In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache H ... |
| CVE-2019-15941 | OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an ... |
| CVE-2019-13031 | LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ... |
| CVE-2019-12046 | LemonLDAP::NG -2.0.3 has Incorrect Access Control. |
| CVE-2012-6426 | LemonLDAP::NG before 1.2.3 does not use the signature-verification cap ... |