Cross-Site Scripting (XSS)

2024-05-1306:46:19

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

cross-site scripting

user input

loginname parameter

failed login attempts

malicious scripts

system logs

administrator

vulnerability

froxlor

software

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON

froxlor/froxlor is vulnerable to Cross-Site Scripting. The vulnerability is due to inadequate sanitization of user input in the loginname parameter during failed login attempts, which allows attackers to inject and store malicious scripts that are executed when an administrator views the System Logs.