CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
CVEs-PoC/2021/CVE-2021-20672.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

19 lines
801 B
Markdown
Raw Permalink Blame History

### [CVE-2021-20672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20672)
![](https://img.shields.io/static/v1?label=Product&message=GROWI%20(v4.2%20Series)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=versions%20from%20v4.2.0%20to%20v4.2.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20scripting&color=brightgreen)
### Description
Reflected cross-site scripting vulnerability due to insufficient verification of URL query parameters in GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote attackers to inject an arbitrary script via unspecified vectors.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/mute1008/mute1008
- https://github.com/mute1997/mute1997
Reference in New Issue View Git Blame Copy Permalink