2 matches found
CVE-2021-20672
Reflected cross-site scripting vulnerability due to insufficient verification of URL query parameters in GROWI v4.2 Series versions from v4.2.0 to v4.2.7 allows remote attackers to inject an arbitrary script via unspecified vectors...
JVN#86438134: Multiple cross-site scripting vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability due to insufficient verification of URL query parameters CWE-79 - CVE-2021-20672 Version| Vector| Score ---|---|--- CVSS v3|...