A Cross-Site Scripting (XSS) vulnerability in the ‘product description’ component within ‘/api/stock/products’ of Grocy version <= 4.0.3 allows attackers to obtain a victim’s cookies.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | 3.19-community | noarch | grocy | = 4.0.3-r2 | UNKNOWN |