CVE-2021-20736
CVE-2021-20736 affects GROWI; NoSQL injection (CWE-943) vulnerability in GROWI versions prior to v4.2.20 could allow a remote attacker to obtain or alter data via unspecified vectors. Connected sources confirm the fixed version is v4.2.20 (and the 4.2.x line), with guidance to upgrade; there is n...