VYPR
Unrated severityNVD Advisory· Published Mar 10, 2021· Updated Aug 3, 2024

CVE-2021-20672

CVE-2021-20672

Description

Reflected cross-site scripting vulnerability due to insufficient verification of URL query parameters in GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote attackers to inject an arbitrary script via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Weseek/Growillm-fuzzy
    Range: >=4.2.0, <=4.2.7
  • WESEEK, Inc./GROWI (v4.2 Series)v5
    Range: versions from v4.2.0 to v4.2.7

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.