froxlor/froxlor is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of input via the customermail GET parameter allowing an attacker to input HTML tags which will be reflected in the login webpage.
CPE | Name | Operator | Version |
---|---|---|---|
froxlor/froxlor | le | 0.10.22 | |
froxlor/froxlor | le | 0.10.22 |