2025-09-17 16:52:16
cisa-cg
PUBLISHED
CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1.