VYPR
Unrated severityNVD Advisory· Published Dec 26, 2023· Updated Aug 2, 2024

CVE-2023-50294

CVE-2023-50294

Description

The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Weseek/Growillm-fuzzy2 versions
    <6.0.6+ 1 more
    • (no CPE)range: <6.0.6
    • (no CPE)range: prior to v6.0.6

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.