Security Advisory

CVE-2025-54806

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-23 04:10:59

Last updated 2025-10-23 15:05:14

Assigner jpcert

State PUBLISHED

Description

GROWI v4.2.7 and earlier contains a cross-site scripting vulnerability in the page alert function. If a user accesses a crafted URL while logged in to the affected product, an arbitrary script may be executed on the users web browser.

← Browse all CVEs View on cve.org ↗