Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42335 | 1 Fl3xx | 2 Crew, Dispatch | 2024-11-21 | N/A | 8.8 HIGH |
|
Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to execute arbitrary code via the add attachment function in the New Expense component.
|
|||||
| CVE-2023-42334 | 1 Fl3xx | 2 Crew, Dispatch | 2024-11-21 | N/A | 6.5 MEDIUM |
|
An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to escalate privileges via the user parameter.
|
|||||