3 matches found
CVE-2018-0655
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the app settings section of admin page...
CVE-2018-0655
GROWI: Cross-site scripting vulnerability (CVE-2018-0655) affects GROWI v3.1.11 and earlier. The flaw is in the app settings section of the admin page, allowing remote authenticated attackers to inject arbitrary script/HTML, potentially executing in a logged-in user’s browser. Remediation: update...
CVE-2018-0655
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the app settings section of admin page...