Ahmedvienna

**Name of the Vulnerable Software and Affected Versions** Froxlor versions prior to 2.1.2 **Description** Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with essential fields, such as the `username` and `password`, left intentionally blank. This allowed for a bypass of the mandatory field requirements, including `surname` and `company name`, established by the system. **Recommendations** For versions prior to 2.1.2, update to version 2.1.2 to fix the issue. As a temporary workaround, consider implementing additional validation to ensure that all mandatory fields, including `username`, `password`, `surname`, and `company name`, are filled in before submitting the registration form. Restrict access to the registration form until the update is applied to minimize the risk of exploitation.