Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-48866HistoryDec 04, 2023 - 3:15 p.m.
CVE-2023-48866
2023-12-0415:15:07
Alpine Linux Development Team
security.alpinelinux.org
6
grocy
xss
cookie theft
vulnerability
recipe
note
components
A Cross-Site Scripting (XSS) vulnerability in the recipe preparation component within /api/objects/recipes and note component within /api/objects/shopping_lists/ of Grocy <= 4.0.3 allows attackers to obtain the victim’s cookies.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.19-community | noarch | grocy | = 4.0.3-r2 | UNKNOWN |
Related
nvd
nvd
CVE-2023-48866
2023-12-04 15:15:07
cvelist
cvelist
CVE-2023-48866
2023-12-04 00:00:00
osv
osv
CVE-2023-48866
2023-12-04 15:15:07
cve
cve
CVE-2023-48866
2023-12-04 15:15:07
prion
prion
Cross site scripting
2023-12-04 15:15:00