Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 29 Sep 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 29 Sep 2025 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-09-29T14:12:05.480Z
Reserved: 2023-11-13T00:00:00.000Z
Link: CVE-2023-48200

Updated: 2024-08-02T21:23:39.091Z

Status : Modified
Published: 2023-11-15T23:15:09.043
Modified: 2025-09-29T15:16:04.700
Link: CVE-2023-48200

No data.

No data.