A cross-site scripting issue has been discovered in phpLDAPadmin that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.