Stored Cross-Site Scripting Vulnerability in GROWI Admin Page (v4.2 Series)
CVE-2021-20673 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Stored cross-site scripting vulnerability in Admin Page of GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.