CVE-2024-55075 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such as calendar and reci…
Medium CVSS: 4.3

CVE-2024-55075

Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such as calendar and recipes.
Vendor
Grocy Project
Product
Grocy
CWE
CWE-425
Yayın Tarihi
2025-01-06 21:15:14
Güncelleme
2025-09-29 17:47:24
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-425 Grocy MEDIUM Grocy Project 2025

Referanslar

https://m10x.de/posts/2024/11/all-your-recipe-are-belong-to-us-part-1/3-stored-xss-csrf-and-broken-access-control-vulnerabilities-in-grocy/