4 matches found
CVE-2020-5678
Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...
CVE-2020-5678
creationtimestamp| type| source ---|---|--- 2020-12-03 14:56:01+00:00| seen| https://t.me/cibsecurity/17075 2026-06-29 23:41:50+00:00| seen| https://gist.github.com/tu-trinh-scale/3cef71a931e87b0427ca39b190328cc9 2026-06-30 00:00:27+00:00| seen|...
CVE-2020-5678
CVE-2020-5678 is a stored cross-site scripting vulnerability affecting GROWI up to v3.8.1 (and related CVEs cover other processed inputs). The connected sources confirm the issue is a stored XSS vulnerability in GROWI’s handling of POST requests/input processing, allowing remote attackers to inje...
JVN#56450373: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Information disclosure CWE-200 - CVE-2020-5676 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:N/A:N| Base Score: 5.0 Reflected...