CVE-2023-50332

Name of the Vulnerable Software and Affected Versions GROWI versions prior to v6.0.6

Description An improper authorization issue exists in the User Management page, specifically at the /admin/users endpoint. This issue can lead to unintended deletion or suspension of a user's account.

Recommendations For versions prior to v6.0.6, update to version v6.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the /admin/users endpoint until the update is applied.