0.001 Low
EPSS
Percentile
21.0%
In grav prior to version 1.7.28, a low privilege user can create a page with arbitrary javascript by bypassing insufficent XSS filtering.
github.com/advisories/GHSA-735v-wx75-xmmm
github.com/getgrav/grav/commit/6f2fa9311afb9ecd34030dec2aff7b39e9e7e735
huntr.dev/bounties/67085545-331e-4469-90f3-a1a46a078d39
nvd.nist.gov/vuln/detail/CVE-2022-0268