A Cross-Site Scripting (XSS) vulnerability in the 'product description' component within '/api/stock/products' of Grocy version <= 4.0.3 allows malicious users to obtain a victim's cookies.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grocy project grocy 4.0.3 |