Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-48198HistoryNov 15, 2023 - 11:15 p.m.
CVE-2023-48198
2023-11-1523:15:08
Alpine Linux Development Team
security.alpinelinux.org
9
cross-site scripting
api security
cookies theft
grocy
vulnerability
version 4.0.3
EPSS
0
Percentile
14.0%
A Cross-Site Scripting (XSS) vulnerability in the ‘product description’ component within ‘/api/stock/products’ of Grocy version <= 4.0.3 allows attackers to obtain a victim’s cookies.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.19-community | noarch | grocy | = 4.0.3-r2 | UNKNOWN |
Related
osv
osv
CVE-2023-48198
2023-11-15 23:15:08
cve
cve
CVE-2023-48198
2023-11-15 23:15:08
prion
prion
Cross site scripting
2023-11-15 23:15:00
cvelist
cvelist
CVE-2023-48198
2023-11-15 00:00:00
nvd
nvd
CVE-2023-48198
2023-11-15 23:15:08