2019-07-05 13:20:17
jpcert
PUBLISHED
Cross-site request forgery (CSRF) vulnerability in GROWI v3.4.6 and earlier allows remote attackers to hijack the authentication of administrators via updating users Basic Info.