Totvs Fluig
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Totvs Fluig.
By the Year
In 2026 there have been 0 vulnerabilities in Totvs Fluig. Fluig did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.10 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 8.60 |
It may take a day or so for new Fluig vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Totvs Fluig Security Vulnerabilities
XSS redirectUrl/user in TOTVS Fluig 1.6.x-1.8.1 /mobileredir/openApp.jsp
CVE-2023-6275
6.1 - Medium
- November 24, 2023
A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input "><script>alert(document.domain)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.1-231128, 1.8.0-231127 and 1.8.1-231127 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-246104.
XSS
The TOTVS Fluig platform allows path traversal through the parameter "file =
CVE-2020-29134
8.6 - High
- March 05, 2021
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Totvs Fluig or by Totvs? Click the Watch button to subscribe.
