CVE-2023-50256

Name of the Vulnerable Software and Affected Versions Froxlor versions prior to 2.1.2

Description Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with essential fields, such as the username and password, left intentionally blank. This allowed for a bypass of the mandatory field requirements, including surname and company name, established by the system.

Recommendations For versions prior to 2.1.2, update to version 2.1.2 to fix the issue. As a temporary workaround, consider implementing additional validation to ensure that all mandatory fields, including username, password, surname, and company name, are filled in before submitting the registration form. Restrict access to the registration form until the update is applied to minimize the risk of exploitation.