CVE-2025-54806 | GROWI up to 4.2.7 URL cross site scripting

October 23, 2025 Yanac

A vulnerability has been found in GROWI up to 4.2.7 and classified as problematic. The impacted element is an unknown function of the component URL Handler. The manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2025-54806. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-54856 | Six Apart Movable Type Edit ContentData Page cross site scripting
CVE-2025-61865 | I-O DATA DEVICE NarSuS App up to 2.32 Windows Service unquoted search path