CVE-2023-47215

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-47215

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-47215.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-47215

Published

2023-12-26T08:15:10.643Z

Modified

2026-04-10T05:05:05.105094Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Stored cross-site scripting vulnerability which is exploiting a behavior of the XSS Filter exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.

References

Affected packages

Git / github.com/weseek/growi

Affected ranges

Type

GIT

Repo

https://github.com/weseek/growi

Events

Introduced

Fixed

c92304e07267e510f8ea6be386df1771bed1d580

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.0.0"
        }
    ]
}

Affected versions

1.*

1.0.0-RC3

v1.*

v1.0.0-RC

v1.0.0-RC2

v1.0.0-RC4

v1.3.0

v1.3.1

v1.4.0

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v4.*

v4.4.0

v4.4.10

v4.4.11

v4.4.12

v4.4.13

v4.4.2

v4.4.3

v4.4.4

v4.4.5

v4.4.6

v4.4.7

v4.4.8

v4.4.9

v4.5.0

v4.5.1

v4.5.10

v4.5.11

v4.5.12

v4.5.13

v4.5.14

v4.5.15

v4.5.2

v4.5.3

v4.5.4

v4.5.5

v4.5.6

v4.5.7

v4.5.8

v4.5.9

v5.*

v5.0.0

v5.0.1

v5.0.10

v5.0.11

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.0.6

v5.0.7

v5.0.8

v5.0.9

v5.1.0

v5.1.1

v5.1.2

v5.1.3

v5.1.4

v5.1.5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-47215.json"