CVE-2023-2034

Name of the Vulnerable Software and Affected Versions froxlor versions prior to 2.0.14

Description The issue concerns the unrestricted upload of files with dangerous types in the GitHub repository froxlor/froxlor. Specifically, image files uploaded were not properly validated, which could result in remote code execution via path manipulation.

Recommendations For versions prior to 2.0.14, update to version 2.0.14 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to only necessary and validated file types until the update is applied.