Lucene search
+L

6 matches found

nvd
nvd
added 2023/12/26 8:15 a.m.19 views

CVE-2023-45740

Stored cross-site scripting vulnerability when processing profile images exists in GROWI versions prior to v4.1.3. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.4CVSS0.00298EPSS
Exploits0References2
osv
osv
added 2023/12/26 8:15 a.m.17 views

CVE-2023-45740

Stored cross-site scripting vulnerability when processing profile images exists in GROWI versions prior to v4.1.3. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.4CVSS6AI score
Exploits0References2
cve
cve
added 2023/12/26 7:20 a.m.48 views

CVE-2023-45740

GROWI has a stored XSS vulnerability (CVE-2023-45740) when processing profile images in versions prior to 4.1.3. An arbitrary script could execute in a user’s browser when they view the affected site. The issue is confirmed across multiple sources and product advisories, with remediation by upgra...

5.4CVSS5.2AI score0.00298EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2023/12/26 7:20 a.m.6 views

CVE-2023-45740

Stored cross-site scripting vulnerability when processing profile images exists in GROWI versions prior to v4.1.3. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

6.2AI score0.00298EPSS
Exploits0References2
cvelist
cvelist
added 2023/12/26 7:20 a.m.20 views

CVE-2023-45740

Stored cross-site scripting vulnerability when processing profile images exists in GROWI versions prior to v4.1.3. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.6AI score0.00298EPSS
Exploits0References2
jvn
jvn
added 2023/12/13 12:0 a.m.24 views

JVN#18715935: Multiple vulnerabilities in GROWI

GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...

6.5CVSS6AI score0.0045EPSS
Exploits0
Rows per page
Query Builder