Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors.Referenceshttps://github.com/weseek/growihttps://weseek.co.jp/security/2021/01/18/vulnerability/growi-prevent-xss4/https://jvn.jp/en/jp/JVN57544707/index.html
