froxlor/froxlor Security Advisories for 2.0.18 (8)
- [HIGH] Froxlor username/surname AND company field Bypass
  PKSA-94d1-2fmr-db7c CVE-2023-50256 GHSA-625g-fm5w-w7w4
  Affected version: <=2.1.1
  Reported by: GitHub
- [CRITICAL] Froxlor Improper Input Validation vulnerability
  PKSA-mhbb-j5t7-nknm CVE-2023-6069 GHSA-4jch-8qq5-hqg6
  Affected version: <2.1.0-beta1
  Reported by: GitHub
- [MEDIUM] Cross-site Scripting (XSS) in froxlor/froxlor
  PKSA-7ypx-w6wf-3q58 CVE-2023-4829 GHSA-cvwv-h85m-w37h
  Affected version: <2.0.22
  Reported by: GitHub
- [LOW] Froxlor vulnerable to business logic errors
  PKSA-g52h-rdch-wgq3 CVE-2023-4304 GHSA-9rmf-6qgj-g3wj
  Affected version: <2.0.22
  Reported by: GitHub
- [CRITICAL] Froxlor vulnerable to Improper Encoding or Escaping of Output
  PKSA-65v9-z1rw-mzb5 CVE-2023-3668 GHSA-c6v5-pf66-xfq8
  Affected version: <2.0.21
  Reported by: GitHub
- [MEDIUM] Froxlor Session Fixation vulnerability
  PKSA-t6cp-pc2s-dd4x CVE-2023-3192 GHSA-jr66-9ghf-6gp3
  Affected version: <2.1.0
  Reported by: GitHub
- [CRITICAL] Froxlor vulnerable to Improper Restriction of Excessive Authentication Attempts
  PKSA-hccz-hs29-mqsx CVE-2023-3173 GHSA-chw4-88xc-79w6
  Affected version: <2.0.20
  Reported by: GitHub
- [HIGH] Froxlor vulnerable to Path Traversal
  PKSA-23qg-5ycx-pktz CVE-2023-3172 GHSA-ghqq-jfx7-f6m9
  Affected version: <2.0.20
  Reported by: GitHub