Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, firstname, or username input fields.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| froxlor/froxlor(Packagist) | N/A | N/A | N/A |
CVSS Metrics
