Lucene search

CVE-2021-20669

🗓️ 10 Mar 2021 10:12:15Reported by jpcertType

Path traversal vulnerability in GROWI v4.2.2 and earlier allows admin to read/delete arbitrary path via crafted UR

Reporter	Title	Published	Views	Family All 5
Prion	Path traversal	10 Mar 202110:15	–	prion
CNVD	WESEEK GROWI path traversal vulnerability (CNVD-2021-16348)	9 Mar 202100:00	–	cnvd
NVD	CVE-2021-20669	10 Mar 202110:15	–	nvd
Cvelist	CVE-2021-20669	10 Mar 202109:20	–	cvelist
OSV	CVE-2021-20669	10 Mar 202110:15	–	osv

Nvd

Vulners

Node

weseek growiRange≤4.2.2

[
  {
    "product": "GROWI",
    "vendor": "WESEEK, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "versions v4.2.2 and earlier"
      }
    ]
  }
]

Source	Link
weseek	www.weseek.co.jp/security/2021/03/08/vulnerability/growi-prevent-multiple-xss/
jvn	www.jvn.jp/en/vu/JVNVU94889258/index.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Mar 2021 10:15Current

4.6Medium risk

Vulners AI Score4.6

CVSS26.5

CVSS34.7

EPSS0.00127

CWE-22