CVE-2024-55074

Published: 2025-01-06T20:15Z

Last Modified: 2025-01-06T21:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The edit profile function of Grocy through 4.3.0 allows stored XSS and resultant privilege escalation by uploading a crafted HTML or SVG file, a different issue than CVE-2024-8370. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt