NuytsTech Security

CVE-2021-20673

by ·

Stored cross-site scripting vulnerability in Admin Page of GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.

Date published : 2021-03-10

https://jvn.jp/en/jp/JVN86438134/index.html

https://weseek.co.jp/security/2021/03/09/vulnerability/growi-prevent-xss5/

Tags: