CVE-2025-48958 Froxlor has an HTML Injection Vulnerability

Froxlor is open source server administration software. Prior to version 2.2.6, an HTML Injection vulnerability in the customer account portal allows an attacker to inject malicious HTML payloads in the email section. This can lead to phishing attacks, credential theft, and reputational damage by...

CVE-2025-48958 Froxlor has an HTML Injection Vulnerability

Froxlor is open source server administration software. Prior to version 2.2.6, an HTML Injection vulnerability in the customer account portal allows an attacker to inject malicious HTML payloads in the email section. This can lead to phishing attacks, credential theft, and reputational damage by...

CVE-2025-48958

CVE-2025-48958 affects Froxlor before version 2.2.6, where an HTML Injection vulnerability in the Customer Account Portal (email section) allows injected HTML via user input in the domain field. Adversaries can cause phishing-style redirects to external sites, enabling credential theft and reputa...

CVE-2025-48958 Froxlor has an HTML Injection Vulnerability

Froxlor is open source server administration software. Prior to version 2.2.6, an HTML Injection vulnerability in the customer account portal allows an attacker to inject malicious HTML payloads in the email section. This can lead to phishing attacks, credential theft, and reputational damage by...

Froxlor 跨站脚本漏洞

Froxlor is a lightweight server management software from the Froxlor team. A security vulnerability exists in Froxlor versions prior to 2.2.6 that stems from an HTML injection flaw in the Customer Account Portal that could lead to phishing attacks...

CVE-2023-0316

Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0...

CVE-2023-0564

Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10...

CVE-2023-0566

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in froxlor/froxlor prior to 2.0.10...

CVE-2023-0565

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10...

CVE-2023-5564

Cross-site Scripting XSS - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1...

CVE-2023-3192

Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0...

CVE-2023-3172

Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20...

CVE-2023-2666

Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16...

CVE-2023-1307

Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13...

CVE-2023-0671

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

CVE-2023-0572

Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10...

CVE-2023-0315

Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8...

CVE-2023-0877

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11...

CVE-2023-2034

Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14...

CVE-2023-1033

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 2.0.11...