Unrated severityNVD Advisory· Published Sep 7, 2018· Updated Aug 5, 2024
CVE-2018-0654
CVE-2018-0654
Description
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the modal for creating Wiki page.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- jvn.jp/en/jp/JVN18716340/index.htmlmitrethird-party-advisoryx_refsource_JVN
- weseek.co.jp/security/2018/07/31/growi-prevent-xss/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.