froxlor/froxlor Security Advisories for 2.0.12 (11)
- [HIGH] Froxlor username/surname AND company field Bypass
  PKSA-94d1-2fmr-db7c CVE-2023-50256 GHSA-625g-fm5w-w7w4
  Affected version: <=2.1.1
  Reported by: GitHub
- [CRITICAL] Froxlor Improper Input Validation vulnerability
  PKSA-mhbb-j5t7-nknm CVE-2023-6069 GHSA-4jch-8qq5-hqg6
  Affected version: <2.1.0-beta1
  Reported by: GitHub
- [MEDIUM] Cross-site Scripting (XSS) in froxlor/froxlor
  PKSA-7ypx-w6wf-3q58 CVE-2023-4829 GHSA-cvwv-h85m-w37h
  Affected version: <2.0.22
  Reported by: GitHub
- [LOW] Froxlor vulnerable to business logic errors
  PKSA-g52h-rdch-wgq3 CVE-2023-4304 GHSA-9rmf-6qgj-g3wj
  Affected version: <2.0.22
  Reported by: GitHub
- [CRITICAL] Froxlor vulnerable to Improper Encoding or Escaping of Output
  PKSA-65v9-z1rw-mzb5 CVE-2023-3668 GHSA-c6v5-pf66-xfq8
  Affected version: <2.0.21
  Reported by: GitHub
- [MEDIUM] Froxlor Session Fixation vulnerability
  PKSA-t6cp-pc2s-dd4x CVE-2023-3192 GHSA-jr66-9ghf-6gp3
  Affected version: <2.1.0
  Reported by: GitHub
- [CRITICAL] Froxlor vulnerable to Improper Restriction of Excessive Authentication Attempts
  PKSA-hccz-hs29-mqsx CVE-2023-3173 GHSA-chw4-88xc-79w6
  Affected version: <2.0.20
  Reported by: GitHub
- [HIGH] Froxlor vulnerable to Path Traversal
  PKSA-23qg-5ycx-pktz CVE-2023-3172 GHSA-ghqq-jfx7-f6m9
  Affected version: <2.0.20
  Reported by: GitHub
- [MEDIUM] Froxlor vulnerable to Allocation of Resources Without Limits or Throttling
  PKSA-h83c-h2wd-ddkg CVE-2023-2666 GHSA-4gm9-c9jq-g523
  Affected version: <2.0.16
  Reported by: GitHub
- [CRITICAL] froxlor/froxlor vulnerable to unrestricted upload of file with dangerous type
  PKSA-prs9-yg3j-g3kv CVE-2023-2034 GHSA-qwvp-g9j7-28f6
  Affected version: <2.0.14
  Reported by: GitHub
- [CRITICAL] Froxlor is vulnerable to authentication bypass
  PKSA-6y4z-4r8g-7cfk CVE-2023-1307 GHSA-j83x-r9qq-9g4v
  Affected version: <2.0.13
  Reported by: GitHub