CNNVD-202512-3304 Information

CNNVD ID

CNNVD-202512-3304

Related CVE

CVE-2025-64700

• CNNVD Published: 2025-12-17

Description (Chinese)

Weseek Growi是日本Weseek公司的一个可以用Markdown编写的开源wiki系统。 Weseek Growi 7.3.3及之前版本存在跨站请求伪造漏洞，该漏洞源于容易受到跨站请求伪造攻击，可能导致用户执行非预期操作。

Description (English)

Weseek Growi is an open-source wiki system that Weseek, Japan, could use Markdown. Weseek Growi 7.3.3 and previous versions have a false gap in cross-site requests, which stems from the vulnerability of cross-site requests to false attacks and may lead to unintended operations by users.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

Weseek

Published

2025-12-17

Last Modified

2026-02-24

References

https://growi.co.jp/news/40/ https://jvn.jp/en/jp/JVN55745775/

Patch

https://docs.growi.org/en/admin-guide/