6 matches found
CVE-2023-49807
Stored cross-site scripting vulnerability when processing the MathJax exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...
CVE-2023-49807
creationtimestamp| type| source ---|---|--- 2023-12-26 09:27:00+00:00| seen| https://t.me/ctinow/159289...
CVE-2023-49807
Stored cross-site scripting vulnerability when processing the MathJax exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...
CVE-2023-49807
Stored cross-site scripting vulnerability when processing the MathJax exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...
CVE-2023-49807
CVE-2023-49807 is a stored XSS in GROWI when processing MathJax, affecting GROWI versions prior to 6.0.0. Exploitation could cause arbitrary script execution in a user’s browser after visiting the site (web app context). The connected sources (NVD, Red Hat, JVN, OSV, PRION/PTSecurity) confirm the...
JVN#18715935: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...