GSA_kwCzR0hTQS1jdjI0LXZoNDUtNGhqbc4AAqaq

Moderate EPSS: 0.00206% (0.43328 Percentile) EPSS:

Permalink JSON

Foxlor cross-site scripting (XSS) vulnerability

Affected Packages	Affected Versions	Fixed Versions
packagist:froxlor/froxlor	= 0.10.16	No known fixed version
0 Dependent packages 0 Dependent repositories 22 Downloads total Affected Version Ranges All affected versions

Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, firstname, or username input fields.

References:

https://nvd.nist.gov/vuln/detail/CVE-2020-28957
https://www.vulnerability-lab.com/get_content.php?id=2241
https://github.com/advisories/GHSA-cv24-vh45-4hjm

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

GSA_kwCzR0hTQS1jdjI0LXZoNDUtNGhqbc4AAqaq

Foxlor cross-site scripting (XSS) vulnerability

Affected Version Ranges

All affected versions

Identifiers

Risk

Severity

EPSS

Classification

Source

Origin

Date and time

Published

Updated

API