2024-04-03 00:00:00
mitre
PUBLISHED
In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discover information about registered users via an LDAP injection attack.