CVE-2020-5682: Input Validation
First published: Wed Dec 16 2020(Updated: )
Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier allows remote attackers to cause a denial of service via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WESEEK GROWI | <=3.8.2 | |
| WESEEK GROWI | >=4.1.0<4.1.12 | |
| WESEEK GROWI | >=4.2.0<4.2.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- vendor/weseek
- canonical/weseek growi
- version/weseek growi/3.8.2
- version/weseek growi/4.1.0
- version/weseek growi/4.2.0