← volver
CVE-2021-20672

CVE-2021-20672

EPSS 0.9%
Reflected cross-site scripting vulnerability due to insufficient verification of URL query parameters in GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote attackers to inject an arbitrary script via unspecified vectors.
Productos afectados
WESEEK, Inc. · GROWI (v4.2 Series)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://jvn.jp/en/jp/JVN86438134/index.htmlhttps://weseek.co.jp/security/2021/03/09/vulnerability/growi-prevent-xss5/