Lucene search
K

4 matches found

NVD
NVD
added 2023/12/26 8:15 a.m.19 views

CVE-2023-49779

Stored cross-site scripting vulnerability exists in the anchor tag of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.4CVSS0.0034EPSS
Exploits0References2
CVE
CVE
added 2023/12/26 7:21 a.m.44 views

CVE-2023-49779

CVE-2023-49779 is a stored cross-site scripting vulnerability in the anchor tag of GROWI prior to v6.0.0. The issue allows an arbitrary script to run in the browser of users who access the affected site. Affected product: GROWI (WESEEK). Root cause: XSS in the anchor tag across multiple reference...

5.4CVSS5.2AI score0.0034EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/26 7:21 a.m.16 views

CVE-2023-49779

Stored cross-site scripting vulnerability exists in the anchor tag of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.6AI score0.0034EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/12/13 12:0 a.m.23 views

JVN#18715935: Multiple vulnerabilities in GROWI

GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...

6.5CVSS6AI score0.0045EPSS
Exploits0
Rows per page
Query Builder