Known Vulnerabilities
CVE-2021-20737
Improper authentication vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to view the unauthorized pages without access privileges via unspecified vectors.
UNKNOWN
Published Jun 22, 2021
CVE-2021-20736
NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to obtain and/or alter the information stored in the database via unspecified vectors.
UNKNOWN
Published Jun 22, 2021