Lucene search
China National Vulnerability DatabaseCNVD-2022-20517HistoryMar 17, 2022 - 12:00 a.m.
Grav Cross-Site Scripting Vulnerability (CNVD-2022-20517)
2022-03-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
grav cms
cross-site scripting
vulnerability
data validation
javascript code
EPSS
0.001
Percentile
21.4%
Grav is a scalable CMS (content management system) for personal blogs, small content publishing platforms, and single-page product displays. cross-site scripting vulnerabilities exist in versions prior to Grav 1.7.31, which stem from the program’s lack of data validation filtering of user-supplied data and output. An attacker could use this vulnerability to execute JavaScript code on the client side.
Related
github
github
Stored Cross-site Scripting in grav
2022-03-16 00:00:45
osv
osv
Stored Cross-site Scripting in grav
2022-03-16 00:00:45
CVE-2022-0970
2022-03-15 17:15:08
huntr
huntr
Cross-site Scripting (XSS) - Stored
2022-03-01 09:35:14
nvd
nvd
CVE-2022-0970
2022-03-15 17:15:08
prion
prion
Cross site scripting
2022-03-15 17:15:00
cvelist
cvelist
CVE-2022-0970 Cross-site Scripting (XSS) - Stored in getgrav/grav
2022-03-15 16:40:10
veracode
veracode
Cross-Site Scripting (XSS)
2022-03-16 05:55:46
cve
cve
CVE-2022-0970
2022-03-15 17:15:08