Количество 3
Количество 3
CVE-2023-48197
Cross-Site Scripting (XSS) vulnerability in the ‘manageApiKeys’ component of Grocy 4.0.3 and earlier allows attackers to obtain victim's cookies when the victim clicks on the "see QR code" function.
CVE-2023-48197
Cross-Site Scripting (XSS) vulnerability in the \u2018manageApiKeys\u2 ...
GHSA-ph4x-8w6x-4q6x
Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the QR code function in the manageapikeys component.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-48197 Cross-Site Scripting (XSS) vulnerability in the ‘manageApiKeys’ component of Grocy 4.0.3 and earlier allows attackers to obtain victim's cookies when the victim clicks on the "see QR code" function. | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
| CVE-2023-48197 Cross-Site Scripting (XSS) vulnerability in the \u2018manageApiKeys\u2 ... | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
| GHSA-ph4x-8w6x-4q6x Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the QR code function in the manageapikeys component. | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу