4 matches found
CVE-2022-41799
Improper access control vulnerability in GROWI prior to v5.1.4 v5 series and versions prior to v4.5.25 v4 series allows a remote authenticated attacker to bypass access restriction and download the markdown data from the pages set to private by the other users...
CVE-2022-41799
creationtimestamp| type| source ---|---|--- 2022-10-24 18:25:51+00:00| seen| https://t.me/cibsecurity/51982...
CVE-2022-41799
Improper access control vulnerability in GROWI prior to v5.1.4 v5 series and versions prior to v4.5.25 v4 series allows a remote authenticated attacker to bypass access restriction and download the markdown data from the pages set to private by the other users...
CVE-2022-41799
CVE-2022-41799 (GROWI) : An improper access control flaw in GROWI allows a remote authenticated attacker to bypass private-page restrictions and download markdown data. Affected versions: v5.x before 5.1.4 and v4.x before 4.5.25. Impact is limited to data exposure from pages marked private; no ex...