CVE-2021-20619

CVE-2021-20619

EPSS 1.0%

Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors.

Affected products

WESEEK, Inc. · GROWI v4.2 Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/weseek/growi https://jvn.jp/en/jp/JVN57544707/index.html https://weseek.co.jp/security/2021/01/18/vulnerability/growi-prevent-xss4/