froxlor/froxlor is vulnerable to HTML Injection. The vulnerability exists due to invalid email address in index on error message which allows an attacker can inject and execute malicious HTML content in the web page through the edit customer option in the library.
CPE | Name | Operator | Version |
---|---|---|---|
froxlor/froxlor | le | 0.10.38 | |
froxlor/froxlor | le | 0.10.38 |