Bounties
Partners
Community
Info
alfio-event / alf.io
Project repository
alf.io - The open source ticket reservation system for conferences, trade shows, workshops, meetups
Submit a report
FIRST INTERACTION
WITHIN
2 DAYS
REVIEW
WITHIN
4 DAYS
FIX
WITHIN
40 DAYS
IDOR Vulnerability Allow the owner of one Organization can create, edit, delete...
Apr 24th 2023
lujiefsi
•
High
High
•
CVE-2023-2260
CVE-2023-2260
IDOR Vulnerability Allow the owner of one Organization can edit, delete and rese...
Apr 24th 2023
lujiefsi
•
High
High
IDOR Vulnerability Allow the owner of one Organization can disable users that be...
Apr 24th 2023
lujiefsi
•
High
High
IDOR Vulnerability Allow the owner of one Organization can update anyother orga...
Apr 24th 2023
lujiefsi
•
High
High
CSV Injection in CSV files generated by the backend
Apr 24th 2023
lujiefsi
•
High
High
•
CVE-2023-2258
CVE-2023-2258
Server Side Template Injection
Apr 24th 2023
yelprofessor
•
Critical
Critical
•
CVE-2023-2259
CVE-2023-2259
CWE-425: Direct Request ('Forced Browsing')
Mar 5th 2023
lujiefsi
•
self closed
XSS in Markdown Events
Jan 14th 2023
rezaduty
•
Medium
Medium
•
CVE-2023-0301
CVE-2023-0301
Html Injection in Groups
Jan 14th 2023
rezaduty
•
Low
Low
•
CVE-2023-0300
CVE-2023-0300
CSRF in insert text
Dec 9th 2022
rezaduty
•
not applicable
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
