3 matches found
Grocy 4.0.2 Cross Site Request Forgery
Exploit Title: Grocy history.pushState'','', '/'; document.forms0.submit; If a user is logged into the Grocy Webapp at time of execution, a new user will be created in the app with the following credentials Username: hacker Password: test Note: In order for this to work, the target must hav...
CVE-2023-42270
creationtimestamp| type| source ---|---|--- 2023-09-15 18:25:31+00:00| seen| Telegram/4TWMp4yQYfVHTsCLMxoqzZ7RTbT6AG8P1WaaGWhGjKHvV4...
CVE-2023-42270
Grocy = 4.0.2 is vulnerable to Cross Site Request Forgery CSRF...