Ledgersmb Ledgersmb vulnerabilities
4 known vulnerabilities affecting ledgersmb/ledgersmb_ledgersmb.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL: 2
MEDIUM: 2
Vulnerabilities
CVE-2021-3882 [MEDIUM] CVSS 6.8 | CWE-614 | Published 2021-10-14
Affected versions: ≥ 1.8.0, < unspecified; ≥ unspecified, ≤ 1.8.21
Description: LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypted connection (HTTP), an attacker may be able to obtain the authentication data by capturing network traffic. LedgerSMB 1.8 and newer switched from Basic
Source: nvd
CVE-2021-3694 [CRITICAL] CVSS 9.6 | CWE-79 | Published 2021-08-23
Affected versions: ≥ unspecified, < 1.8.18
Description: LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.
Source: nvd
CVE-2021-3693 [CRITICAL] CVSS 9.6 | CWE-79 | Published 2021-08-23
Affected versions: ≥ unspecified, < 1.8.18
Description: LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.
Source: nvd
CVE-2021-3731 [MEDIUM] CVSS 4.7 | CWE-1021 | Published 2021-08-23
Affected versions: ≥ unspecified, < 1.8.18
Description: LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targeted user into executing unintended actions.
Source: nvd