Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Growi
(Weseek)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 42 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-10-24 | CVE-2022-41799 | Improper access control vulnerability in GROWI prior to v5.1.4 (v5 series) and versions prior to v4.5.25 (v4 series) allows a remote authenticated attacker to bypass access restriction and download the markdown data from the pages set to private by the other users. | Growi | 6.5 | ||
| 2020-12-03 | CVE-2020-5676 | GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors. | Growi | 7.5 |