Cross-Site Scripting (XSS) vulnerability in the ‘manageApiKeys’ component of Grocy 4.0.3 and previous versions allows malicious users to obtain victim's cookies when the victim clicks on the "see QR code" function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grocy project grocy 4.0.3 |