← Back

Growi

growi

Vendor: Weseek • 43 CVEs

CVEs (43)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-0654
1Weseek
1Growi
Nov 21, 2024
Sep 7, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the modal for creating Wiki page.
CVE-2018-0653
1Weseek
1Growi
Nov 21, 2024
Sep 7, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via Wiki page view.
CVE-2018-0652
1Weseek
1Growi
Nov 21, 2024
Sep 7, 2018
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the UserGroup Management section of admin page.