GCVE - cpe:2.3:a:alfio-event:alfio-event/alf.io:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:alfio-event:alfio-event/alf.io:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Alfio Event (`99d5a7f1-746e-563c-8209-a2e30f02937d`)
Product	Alfio Event/Alf.Io (`1010dd39-691b-5151-bb91-645e965d10c6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-2260`	vulnerable	2026-06-08 06:02:41.708449	Authorization Bypass Through User-Controlled Key in alfio-event/alf.io HIGH (8.8) Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Published: 2023-04-24T00:00:00.000Z Updated: 2025-02-04T16:26:08.865Z Open on db.gcve.eu Reference links https://huntr.dev/bounties/649badc8-c935-4a84-8aa8-d3269ac54377 https://github.com/alfio-event/alf.io/commit/c9a16ab93d42b2beb06d529b57890121f85be6ef	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-2259`	vulnerable	2026-06-08 06:02:41.707959	Improper Neutralization of Special Elements Used in a Template Engine in alfio-event/alf.io CRITICAL (9.1) Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Published: 2023-04-24T00:00:00.000Z Updated: 2025-02-04T16:49:08.353Z Open on db.gcve.eu Reference links https://huntr.dev/bounties/e753bce0-ce82-463b-b344-2f67b39b60ff https://github.com/alfio-event/alf.io/commit/94e2923a317452e337393789c9f3192dfc1ddac2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-2258`	vulnerable	2026-06-08 06:02:41.706625	Improper Neutralization of Formula Elements in a CSV File in alfio-event/alf.io HIGH (8.8) Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Published: 2023-04-24T00:00:00.000Z Updated: 2025-02-04T17:11:55.816Z Open on db.gcve.eu Reference links https://github.com/alfio-event/alf.io/commit/94e2923a317452e337393789c9f3192dfc1ddac2 https://huntr.dev/bounties/31eaf0fe-4d91-4022-aa9b-802bc6eafb8f	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-0301`	vulnerable	2026-06-08 05:52:04.716120	Cross-site Scripting (XSS) - Stored in alfio-event/alf.io MEDIUM (4.3) Cross-site Scripting (XSS) - Stored in GitHub repository alfio-event/alf.io prior to Alf.io 2.0-M4-2301. Published: 2023-01-14T00:00:00.000Z Updated: 2025-04-07T18:26:43.444Z Open on db.gcve.eu Reference links https://huntr.dev/bounties/8a91e127-2903-4c6b-9a66-e4d2e30f8dec https://github.com/alfio-event/alf.io/commit/21cb2866e5f58b4a2b4a2cb0066479bbb26f7b39	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-0300`	vulnerable	2026-06-08 05:52:04.715128	Cross-site Scripting (XSS) - Reflected in alfio-event/alf.io LOW (3.5) Cross-site Scripting (XSS) - Reflected in GitHub repository alfio-event/alf.io prior to 2.0-M4-2301. Published: 2023-01-14T00:00:00.000Z Updated: 2025-04-07T18:27:10.813Z Open on db.gcve.eu Reference links https://huntr.dev/bounties/0a91fec7-a76e-4ca3-80ba-81de1f10d59d https://github.com/alfio-event/alf.io/commit/c1ae54ac84f1c7a5ec2831876f6445cb79be96fc	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.