CVE-2018-0655

Summary

Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the app settings section of admin page.

Affected Software

VendorProductVersion RangeStatus
WESEEK, Inc.GROWIv.3.1.11 and earlieraffected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References