CVE-2023-45737
N/A
N/A
Summary
Stored cross-site scripting vulnerability exists in the App Settings (/admin/app) page and the Markdown Settings (/admin/markdown) page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| WESEEK, Inc. | GROWI | prior to v3.5.0 | affected |
Weaknesses
- Cross-site scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.