Описание
Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component.
Ссылки
- Product
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:grocy_project:grocy:4.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00321
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
debian
около 2 лет назад
Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local att ...
CVSS3: 5.4
github
около 2 лет назад
Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component.
EPSS
Процентиль: 55%
0.00321
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79