CVE-2026-26291 – GROWI Stored Cross-Site Scripting Vulnerability

CVE ID :CVE-2026-26291

Published : April 15, 2026, 4:19 a.m. | 1 hour, 38 minutes ago

Description :Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user’s web browser.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…