Vulnerabilities > Grocy

DATE CVE VULNERABILITY TITLE RISK
2020-10-14 CVE-2020-15253 Unspecified vulnerability in Grocy
Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site Scripting via the Create Shopping List module, that is rendered upon deleting that Shopping List.
network
low complexity
grocy
4.8