CVE-2023-0877: Improper Control of Generation of Code ('Code Injection')

February 17, 2023 (updated February 25, 2023)

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.

References

github.com/advisories/GHSA-vp4r-h765-5mwp
github.com/froxlor/froxlor/commit/aa48ffca2bcaf7ae57be3b8147bb3138abdab984
huntr.dev/bounties/b29cf038-06f1-4fb0-9437-08f2991f92a8
nvd.nist.gov/vuln/detail/CVE-2023-0877

Code Behaviors & Features

Detect and mitigate CVE-2023-0877 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →