CVE-2020-15253
CVE-2020-15253 affects Grocy versions ≤ 2.7.1 with a Cross-Site Scripting (XSS) vulnerability exposed via the Create Shopping List module when a shopping list is deleted (and noted across related modules such as users, batteries, chores, equipment, locations, quantity units, shopping locations, t...