6 matches found
CVE-2023-45737
creationtimestamp| type| source ---|---|--- 2023-12-26 09:26:45+00:00| seen| https://t.me/ctinow/159279 2024-01-19 10:16:39+00:00| seen| https://t.me/ctinow/170128...
CVE-2023-45737
Stored cross-site scripting vulnerability exists in the App Settings /admin/app page and the Markdown Settings /admin/markdown page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using...
CVE-2023-45737
Stored cross-site scripting vulnerability exists in the App Settings /admin/app page and the Markdown Settings /admin/markdown page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using...
CVE-2023-45737
Stored cross-site scripting vulnerability exists in the App Settings /admin/app page and the Markdown Settings /admin/markdown page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using...
CVE-2023-45737
GROWI users are affected by a stored cross-site scripting vulnerability (CVE-2023-45737) in the App Settings (/admin/app) and Markdown Settings (/admin/markdown) pages for versions prior to the vendor-released fixes. The issue allows arbitrary script execution in a user’s browser when the vulnera...
JVN#18715935: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...