nvd-json-data-feeds/CVE-2023/CVE-2023-502xx/CVE-2023-50294.json

{
  "id": "CVE-2023-50294",
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "published": "2023-12-26T08:15:11.427",
  "lastModified": "2023-12-26T20:34:16.103",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page."
    },
    {
      "lang": "es",
      "value": "La p\u00e1gina App Settings (/admin/app) en las versiones de GROWI anteriores a la v6.0.6 almacena informaci\u00f3n confidencial en forma de texto plano. Como resultado, un atacante que pueda acceder a la p\u00e1gina de configuraci\u00f3n de la aplicaci\u00f3n puede obtener la clave de acceso secreta para el servicio externo."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://jvn.jp/en/jp/JVN18715935/",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://weseek.co.jp/ja/news/2023/11/21/growi-prevent-xss6/",
      "source": "vultures@jpcert.or.jp"
    }
  ]
}
Auto-Update: 2023-12-26T09:00:24.312836+00:00 2023-12-26 09:00:27 +00:00			`{`
			`"id": "CVE-2023-50294",`
			`"sourceIdentifier": "vultures@jpcert.or.jp",`
			`"published": "2023-12-26T08:15:11.427",`
Auto-Update: 2023-12-26T21:00:25.506229+00:00 2023-12-26 21:00:29 +00:00			`"lastModified": "2023-12-26T20:34:16.103",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2023-12-26T09:00:24.312836+00:00 2023-12-26 09:00:27 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page."`
Auto-Update: 2023-12-26T21:00:25.506229+00:00 2023-12-26 21:00:29 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "La p\u00e1gina App Settings (/admin/app) en las versiones de GROWI anteriores a la v6.0.6 almacena informaci\u00f3n confidencial en forma de texto plano. Como resultado, un atacante que pueda acceder a la p\u00e1gina de configuraci\u00f3n de la aplicaci\u00f3n puede obtener la clave de acceso secreta para el servicio externo."`
Auto-Update: 2023-12-26T09:00:24.312836+00:00 2023-12-26 09:00:27 +00:00			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://jvn.jp/en/jp/JVN18715935/",`
			`"source": "vultures@jpcert.or.jp"`
			`},`
			`{`
			`"url": "https://weseek.co.jp/ja/news/2023/11/21/growi-prevent-xss6/",`
			`"source": "vultures@jpcert.or.jp"`
			`}`
			`]`
			`}`