4 matches found
CVE-2019-5968
Cross-site request forgery CSRF vulnerability in GROWI v3.4.6 and earlier allows remote attackers to hijack the authentication of administrators via updating user's 'Basic Info'...
CVE-2019-5968
CVE-2019-5968 affects GROWI up to version 3.4.6. The vulnerability is a Cross-site Request Forgery in the process of updating a user’s basic information, which could allow an attacker to hijack an administrator’s session or perform unintended actions when a logged-in admin visits a malicious page...
CVE-2019-5968
Cross-site request forgery CSRF vulnerability in GROWI v3.4.6 and earlier allows remote attackers to hijack the authentication of administrators via updating user's 'Basic Info'...
JVN#84876282: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Cross-site request forgery vulnerability in the process of updating user's "Basic Info" CWE-352 - CVE-2019-5968 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N| Base Score: 4.3...