Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote malicious users to inject an arbitrary script via unspecified vectors.
weseek growi