CVE-2022-3869

MEDIUM6.1EPSS 14.9%

Froxlor vulnerable to code injection

Published: 11/5/2022Modified: 2/16/2024

Description

Code Injection in GitHub repository froxlor/froxlor prior to version 0.10.38.2. There are currently no known workarounds, please upgrade to version 0.10.38.2.

Affected packages (1)

Packagist/froxlor/froxlorfrom 0, < 0.10.38.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-3869
WEBhttps://github.com/froxlor/froxlor
WEBhttps://github.com/froxlor/froxlor/commit/3f10a4adede9df83408d60ded78b51b812a763a8
WEBhttps://huntr.dev/bounties/7de20f21-4a9b-445d-ae2b-15ade648900b