Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.8 views

CVE-2023-42436

Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.4CVSS6AI score0.00298EPSS
Exploits0
NVD
NVD
added 2023/12/26 8:15 a.m.23 views

CVE-2023-42436

Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.4CVSS0.00298EPSS
Exploits0References2
OSV
OSV
added 2023/12/26 8:15 a.m.26 views

CVE-2023-42436

Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.4CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added 2023/12/26 7:22 a.m.21 views

CVE-2023-42436

Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.6AI score0.00298EPSS
Exploits0References2
CVE
CVE
added 2023/12/26 7:22 a.m.52 views

CVE-2023-42436

CVE-2023-42436 is a stored XSS vulnerability in GROWI’s presentation feature affecting versions prior to 3.4.0. Exploitation can cause arbitrary script execution in a user’s browser when visiting the site. Red Hat and OSV/JP/JVN entries corroborate the issue as a presentation‑feature XSS with a b...

5.4CVSS5.2AI score0.00298EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/12/13 12:0 a.m.23 views

JVN#18715935: Multiple vulnerabilities in GROWI

GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...

6.5CVSS6AI score0.0045EPSS
Exploits0
Rows per page
Query Builder