Lucene search
K

5 matches found

Prion
Prion
added 2021/03/10 10:15 a.m.15 views

Cross site scripting

Stored cross-site scripting vulnerability in Admin Page of GROWI v4.2 Series versions from v4.2.0 to v4.2.7 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors...

3.5CVSS4.8AI score0.00754EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/03/10 9:20 a.m.54 views

CVE-2021-20673

CVE-2021-20673 is a stored cross-site scripting vulnerability in GROWI (v4.2 Series) Admin Page, affecting versions v4.2.0 through v4.2.7. The issue allows a remote authenticated attacker to inject arbitrary script into a logged-in user’s browser via unspecified vectors. Affected product: GROWI (...

4.8CVSS4.7AI score0.00754EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/01/19 5:15 a.m.8 views

CVE-2021-20619

Cross-site scripting vulnerability in GROWI v4.2 Series versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.1AI score0.01044EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/01/19 4:55 a.m.15 views

CVE-2021-20619

Cross-site scripting vulnerability in GROWI v4.2 Series versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors...

6.3AI score0.01044EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/12/15 12:0 a.m.56 views

JVN#94169589: Multiple vulnerabilities in GROWI

GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Denial-of-service DoS due to improper verification of input values CWE-400 - CVE-2020-5682 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L| Base Score: 5.3 CVSS v2|...

7.5CVSS7.7AI score0.02982EPSS
Exploits0
Rows per page
Query Builder