Vulnerabilities > ALF

DATE CVE VULNERABILITY TITLE RISK
2023-04-24 CVE-2023-2258 Improper Neutralization of Formula Elements in a CSV File vulnerability in ALF
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-1236
8.8
8.8
2023-04-24 CVE-2023-2259 Code Injection vulnerability in ALF
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-94
7.2
7.2
2023-04-24 CVE-2023-2260 Authorization Bypass Through User-Controlled Key vulnerability in ALF
Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-639
8.8
8.8