Kenta Yamamoto

Researcher fromMitsui Bussan Secure Directions, Inc.
#20317of 53,633
12.6Total CVSS
Vulnerabilities · 2
Medium
2
PT-2022-26078
6.5
2022-10-24
Growi · Growi · CVE-2022-41799
**Name of the Vulnerable Software and Affected Versions** GROWI versions prior to 5.1.4 GROWI versions prior to 4.5.25 **Description** The issue allows a remote authenticated attacker to bypass access restrictions and download markdown data from pages set to private by other users. **Recommendations** For versions prior to 5.1.4, update to version 5.1.4 or later. For versions prior to 4.5.25, update to version 4.5.25 or later.
PT-2016-6156
6.1
2016-06-04
WordPress · Markdown On Save Improved · CVE-2016-4812
**Name of the Vulnerable Software and Affected Versions** Markdown on Save Improved plugin versions prior to 2.5.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions prior to 2.5.1, update to version 2.5.1 or later to resolve the issue.