Cross-Site Scripting (XSS)

2019-07-1004:47:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.001

Percentile

29.2%

JSON

GROWI are vulnerable to cross-site scripting attacks. A remote, authenticated attacker could exploit the flawed New Page Handler component to inject and execute arbitrary web script or HTML into victim’s browser.

References

jvn.jp/en/jp/JVN96493183/index.html

weseek.co.jp/security/2018/12/25/growi-prevent-xss2/

EPSS

0.001

Percentile

29.2%

JSON

Related for VERACODE:20757