Tag
Froxlor versions 2.3.4 and earlier are vulnerable to BIND zone file injection, where an attacker can inject newlines and BIND zone file directives via the DomainZones API, potentially leading to information disclosure, DNS service disruption, and zone data manipulation.