Vulnerabilities > Froxlor > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-05 | CVE-2022-3869 | Cross-site Scripting vulnerability in Froxlor Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2. | 6.1 |
| 2022-11-04 | CVE-2022-3721 | Cross-site Scripting vulnerability in Froxlor Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39. | 4.6 |
| 2022-08-28 | CVE-2022-3017 | Unspecified vulnerability in Froxlor Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38. | 6.5 |
| 2022-04-13 | CVE-2020-29653 | Cross-site Scripting vulnerability in Froxlor Froxlor through 0.10.22 does not perform validation on user input passed in the customermail GET parameter. | 6.1 |
| 2021-10-22 | CVE-2020-28957 | Cross-site Scripting vulnerability in Froxlor 0.10.16 Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, firstname, or username input fields. | 5.4 |
| 2020-03-09 | CVE-2020-10237 | Race Condition vulnerability in Froxlor An issue was discovered in Froxlor through 0.10.15. | 5.5 |
| 2020-03-09 | CVE-2020-10236 | Improper Input Validation vulnerability in Froxlor An issue was discovered in Froxlor before 0.10.14. | 6.1 |