6 matches found
CVE-2023-49598
creationtimestamp| type| source ---|---|--- 2023-12-26 09:26:56+00:00| seen| https://t.me/ctinow/159287...
CVE-2023-49598
Stored cross-site scripting vulnerability exists in the event handlers of the pre tags in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...
CVE-2023-49598
Stored cross-site scripting vulnerability exists in the event handlers of the pre tags in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...
CVE-2023-49598
CVE-2023-49598 is a stored cross-site scripting (XSS) vulnerability in GROWI’s pre tag event handlers, affecting versions prior to v6.0.0. An attacker could have arbitrary script execution in a user’s browser who visits the affected site. The issue is documented across multiple sources (e.g., Red...
CVE-2023-49598
Stored cross-site scripting vulnerability exists in the event handlers of the pre tags in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...
JVN#18715935: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...