Medium severity4.8NVD Advisory· Published Sep 7, 2018· Updated Jun 17, 2026
CVE-2018-0655
CVE-2018-0655
Description
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the app settings section of admin page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- jvn.jp/en/jp/JVN18716340/index.htmlnvdThird Party AdvisoryVDB Entry
- weseek.co.jp/security/2018/07/31/growi-prevent-xss/nvdVendor Advisory
News mentions
0No linked articles in our index yet.