EPSS
Percentile
32.6%
froxlor/froxlor is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of input via the customermail GET parameter allowing an attacker to input HTML tags which will be reflected in the login webpage.
github.com/Froxlor/Froxlor/blob/c97f5f1e29b0a5c311f9fa366b1d86b1659f03ef/index.php#L354
github.com/Froxlor/Froxlor/commits/master
github.com/Froxlor/Froxlor/security/advisories
nozero.io/en/cve-2020-29653-froxlor-html-injection-dangling-markup/