Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors.
[
{
"product": "GROWI v4.2 Series",
"vendor": "WESEEK, Inc.",
"versions": [
{
"status": "affected",
"version": "versions prior to v4.2.3"
}
]
}
]