CVE-2023-48200
CVE-2023-48200 concerns Grocy v4.0.3 where a Cross-Site Scripting vulnerability exists in the equipment description component under /equipment/. The flaw allows a local attacker to execute arbitrary code and exfiltrate or view sensitive information via this component. The base score is 5.4 (Mediu...