CVE-2021-20673

Summary

Stored cross-site scripting vulnerability in Admin Page of GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
WESEEK, Inc.GROWI (v4.2 Series)versions from v4.2.0 to v4.2.7affected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References