Fl3xx: >> Dispatch >> 2.10.37 Security Vulnerabilities
An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to escalate privileges via the user parameter.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-09-20
Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to execute arbitrary code via the add attachment function in the New Expense component.
CVSS Score
8.8
EPSS Score
0.019
Published
2023-09-20