Mandriva Linux Security Advisory 2012-020 - Cross-site scripting vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php. The updated packages have been patched to correct this issue.
fc18383c444f0e98e5338fd2381568e3cdd1de6806ac1ac555dc336f0a02fe3f