73 matches found
Weseek Growi 安全漏洞
Weseek Growi is an open-source wiki system developed by the Japanese company Weseek, which can be written in Markdown format. Versions of Weseek Growi prior to v7.4.5 contained security vulnerabilities. These vulnerabilities stemmed from the OpenAI thread/message API endpoints not performing...
Weseek Growi 跨站请求伪造漏洞
Weseek Growi is an open source wiki system that can be written in Markdown by Weseek Japan. A cross-site request forgery vulnerability exists in Weseek Growi 7.3.3 and earlier versions, which stems from vulnerability to cross-site request forgery attacks that could cause a user to perform an...
Weseek Growi 跨站脚本漏洞
Weseek Growi is an open source wiki system that can be written in Markdown by the Japanese company Weseek. A cross-site scripting vulnerability exists in Weseek Growi versions prior to 7.2.10, which originates when a malicious user creates a page containing specially crafted content that could le...
Weseek Growi 跨站脚本漏洞
Weseek Growi is an open source wiki system that can be written in Markdown by Weseek Japan. A cross-site scripting vulnerability exists in Weseek Growi v4.2.7 and earlier versions, which stems from a cross-site scripting vulnerability in the Page Alerts feature that could lead to the execution of...
EUVD-2019-4843
Malware in sbrugna...
EUVD-2019-4842
Malware in sbrugna...
EUVD-2022-24571
Malicious code in bioql PyPI...
Weseek Growi 安全漏洞
Weseek Growi is an open source wiki system that can be written in Markdown by the Japanese company Weseek. A security vulnerability exists in Weseek Growi versions prior to 7.1.6, which stems from a regular expression efficiency issue that could lead to a denial of service attack...
CVE-2019-13337
In WESEEK GROWI before 3.5.0, the site-wide basic authentication can be bypassed by adding a URL parameter accesstoken this is the parameter used by the API. No valid token is required since it is not validated by the backend. The website can then be browsed as if no basic authentication is...
CVE-2019-13338
In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a page by leveraging wiki access to make API calls for page metadata. In other words, the password hash can be retrieved even though it is not a publicly available field...
Weseek GROWI Security Vulnerability
Weseek GROWI is a team collaboration software from Weseek Japan. A security vulnerability exists in Weseek GROWI versions prior to 6.0.6, which originates from a sensitive information disclosure vulnerability in the App Settings /admin/app page...
Weseek GROWI Security Vulnerability
Weseek GROWI is a team collaboration software from Weseek Japan. A security vulnerability exists in Weseek GROWI prior to version 6.0.6, which stems from an authorization error on the User Management /admin/users page that can be exploited by an attacker to delete or suspend his or her account...
Weseek GROWI Security Vulnerability
Weseek GROWI is a team collaboration software package from Weseek Japan. A security vulnerability exists in Weseek GROWI versions prior to 6.0.0, which stems from a stored cross-site scripting XSS vulnerability when processing MathJax...
Weseek GROWI Security Vulnerability
Weseek GROWI is a team collaboration software from Weseek Japan. A security vulnerability exists in Weseek GROWI prior to version 6.0.0, which originates from a stored cross-site scripting XSS vulnerability in the App Settings /admin/app page...
Weseek GROWI Security Vulnerability
Weseek GROWI is a team collaboration software from Weseek Japan. A security vulnerability exists in Weseek GROWI versions prior to 6.1.11, which stems from a stored cross-site scripting XSS vulnerability in the User Management /admin/users page...
Weseek GROWI Security Vulnerability
Weseek GROWI is a team collaboration software from Weseek Japan. A security vulnerability exists in Weseek GROWI versions prior to v6.0.0. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...
WESEEK GROWI Security Breach
Weseek GROWI is a team collaboration software package from Weseek Japan. A security vulnerability exists in WESEEK GROWI versions prior to v6.0.0. An attacker could exploit this vulnerability to perform cross-site request forgery attacks...
Weseek GROWI Security Vulnerability
Weseek GROWI is a team collaboration software from Weseek Japan. A security vulnerability exists in Weseek GROWI versions prior to v6.0.0. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...
JVN#18715935: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...
WESEEK GROWI Security Breach
Weseek GROWI is a team collaboration software package from Weseek Japan. A security vulnerability exists in WESEEK GROWI versions prior to v4.1.3. An attacker could exploit this vulnerability to perform cross-site scripting attacks...