Solved Possible nginx LDAP security flaw
I just came across these two posts:
Apparently, there is a flaw in the nginx-ldap-auth module.
I know that Cloudron uses nginx a lot, and LDAP as well, so I wanted to make you aware of this.
I lack the knowledge to determine whether Cloudron is vulnerable.
Could you please investigate and remediate if necessary?
Thanks for the info, but we do not use this module, so we are all good.