CVE-2023-48200

Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component...

CVE-2023-48200

Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component...

CVE-2023-48200

Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component...

PT-2023-30726 · Grocy · Grocy

Name of the Vulnerable Software and Affected Versions: Grocy version 4.0.3 Description: The issue allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within the "/equipment/" component. Recommendations: For Grocy version 4.0.3...

Grocy Security Vulnerabilities

Grocy is a web-based self-hosted grocery and home management solution from Grocy Open Source. A security vulnerability exists in Grocy version v.4.0.3, which stems from a cross-site scripting XSS vulnerability in the /equipment/ component. An attacker could exploit the vulnerability to execute...

The vulnerability of the UE component in the Android CAF-release operating system allows a perpetrator to compromise privacy, integrity, and accessibility.

The vulnerability of the UE component in the Android CAF-release operating system is related to positioning errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information when the UE driver sends unprotected...