Cross-Site Scripting (XSS)
getgrav/grav is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper input validation in the /admin/pages/page endpoint, which allows an attacker to inject malicious scripts via the dataheadercontentitems parameter...