NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to obtain and/or alter the information stored in the database via unspecified vectors.
[
{
"product": "GROWI",
"vendor": "WESEEK, Inc.",
"versions": [
{
"status": "affected",
"version": "versions prior to v4.2.20"
}
]
}
]