froxlor/froxlor is vulnerable to information disclosure. The application creates files with static names in /tmp
during installation in the case that the installation directory was not writable. This allows local attackers to cause retrieve confidential information out of the configuration files.
CPE | Name | Operator | Version |
---|---|---|---|
froxlor/froxlor | le | 0.10.13 |