Vulnerabilities

CVE-2025-54806

by Fred · 23/10/2025

GROWI v4.2.7 and earlier contains a cross-site scripting vulnerability in the page alert function. If a user accesses a crafted URL while logged in to the affected product, an arbitrary script may be executed on the user’s web browser.

More information : https://growi.co.jp/news/38/

Similar

Tags: Cybersecurity Alert