CVE-2023-50294 | WESEEK GROWI up to 6.0.5 App Settings Page /admin/app cleartext storage

Posted by Angelo Barbosa | Dec 26, 2023 | CVE

A vulnerability was found in WESEEK GROWI up to 6.0.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/app of the component App Settings Page. The manipulation leads to cleartext storage of sensitive information.

This vulnerability is handled as CVE-2023-50294. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-50294 | WESEEK GROWI up to 6.0.5 App Settings Page /admin/app cleartext storage

Related Posts

CVE-2024-26785 | Linux Kernel up to 6.7.8 iommufd_access_change_ioas memory corruption (fc719ecbca45/cf7c2789822d)

CVE-2023-7067 | ShopLentor Plugin up to 2.8.1 on WordPress woolentor_template_store improper authorization

CVE-2022-42443 | IBM Trusteer iOS SDK/Trusteer Android SDK up to 5.6 unrestricted upload (XFDB-238535)

CVE-2024-2417 | User Registration Plugin up to 3.1.5 on WordPress authorization