3 matches found
CVE-2023-48200
Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component...
CVE-2023-48198
The CVE-2023-48198 issue affects Grocy versions
CVE-2023-48200
CVE-2023-48200 concerns Grocy v4.0.3 where a Cross-Site Scripting vulnerability exists in the equipment description component under /equipment/. The flaw allows a local attacker to execute arbitrary code and exfiltrate or view sensitive information via this component. The base score is 5.4 (Mediu...