Количество 3
Количество 3
CVE-2023-48198
A Cross-Site Scripting (XSS) vulnerability in the 'product description' component within '/api/stock/products' of Grocy version <= 4.0.3 allows attackers to obtain a victim's cookies.
CVE-2023-48198
A Cross-Site Scripting (XSS) vulnerability in the 'product description ...
GHSA-jmqm-f57p-26jw
Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the product description component in the api/stock/products endpoint.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-48198 A Cross-Site Scripting (XSS) vulnerability in the 'product description' component within '/api/stock/products' of Grocy version <= 4.0.3 allows attackers to obtain a victim's cookies. | CVSS3: 5.4 | 1% Низкий | около 2 лет назад |
| CVE-2023-48198 A Cross-Site Scripting (XSS) vulnerability in the 'product description ... | CVSS3: 5.4 | 1% Низкий | около 2 лет назад |
| GHSA-jmqm-f57p-26jw Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the product description component in the api/stock/products endpoint. | CVSS3: 5.4 | 1% Низкий | около 2 лет назад |
Уязвимостей на страницу