CVE-2022-3869

MEDIUM6.1EPSS 14.9%

Froxlor vulnerable to code injection

發布日:2022/11/5修改日:2024/2/16

描述

Code Injection in GitHub repository froxlor/froxlor prior to version 0.10.38.2. There are currently no known workarounds, please upgrade to version 0.10.38.2.

受影響套件(1)

Packagist/froxlor/froxlorfrom 0, < 0.10.38.2

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

參考連結(4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-3869
WEBhttps://github.com/froxlor/froxlor
WEBhttps://github.com/froxlor/froxlor/commit/3f10a4adede9df83408d60ded78b51b812a763a8
WEBhttps://huntr.dev/bounties/7de20f21-4a9b-445d-ae2b-15ade648900b