exploitDog

GHSA-rrj6-v2g6-p956

Опубликовано: 06 нояб. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 5.4

Описание

Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates a page containing crafted contents, an arbitrary script may be executed on the web browser of a victim user who accesses the page.

Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates a page containing crafted contents, an arbitrary script may be executed on the web browser of a victim user who accesses the page.

Ссылки

EPSS

Процентиль: 11%

0.00037

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-61994

CVSS3: 5.4

nvd

3 месяца назад

Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates a page containing crafted contents, an arbitrary script may be executed on the web browser of a victim user who accesses the page.

EPSS

Процентиль: 11%

0.00037

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79