cve/CVE-2024-55075.md at 1fb02038e87a1b489511d558fdadb673d8f4753f

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio 1fb02038e8 Update CVE sources 2025-09-29 16:08

2025-09-29 16:08:36 +00:00

726 B

Raw Blame History

CVE-2024-55075

Description

Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such as calendar and recipes.

POC

Reference

https://m10x.de/posts/2024/11/all-your-recipe-are-belong-to-us-part-1/3-stored-xss-csrf-and-broken-access-control-vulnerabilities-in-grocy/

Github

No PoCs found on GitHub currently.

726 B Raw Blame History

CVE-2024-55075

Description

POC

Reference

Github

726 B

Raw Blame History