CVE-2020-25454 – Cross-site Scripting (XSS) vulnerability in grocy 2.7.1 via the add recip

4 years ago

Cross-site Scripting (XSS) vulnerability in grocy 2.7.1 via the add recipe module, which gets executed when deleting the recipe.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25454

Reference (s):

http://packetstormsecurity.com/files/160107/Grocy-Household-Management-Solution-2.7.1-Cross-Site-Scripting.html