froxlor/froxlor is vulnerable to HTML Injection. The vulnerability is due to the Interval Time in the Dropdown Menu of the cronjob page, which doesn’t validate the input, allowing an attacker to change to time to a stored HTML Injection due to the update
function in Cronjobs.php
.
CPE | Name | Operator | Version |
---|---|---|---|
froxlor/froxlor | le | 2.0.9 | |
froxlor/froxlor | le | 2.0.9 |