CVE-2023-48866 | Grocy up to 4.0.3 Recipe Preparation /api/objects/recipes cross site scripting

Inserito da Angelo Barbosa | Dic 4, 2023 | CVE

A vulnerability was found in Grocy up to 4.0.3 and classified as problematic. Affected by this issue is some unknown functionality of the file /api/objects/recipes of the component Recipe Preparation. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2023-48866. The attack may be launched remotely. There is no exploit available.

CVE-2023-48866 | Grocy up to 4.0.3 Recipe Preparation /api/objects/recipes cross site scripting

Post correlati

CVE-2024-3077 | zephyrproject-rtos Zephyr up to 3.6 BLE integer overflow (GHSA-gmfv-4vfh-2mh8)

CVE-2024-32166 | Webid 1.2.1 Buy Now resource injection

CVE-2024-22299 | Foliovision FV Flowplayer Video Player Plugin up to 7.5.41.7212 on WordPress cross site scripting

CVE-2024-31243 | Bricksforge Plugin up to 2.0.17 on WordPress authorization