Privilege Escalation
getgrav/grav is vulnerable to Privilege Escalation PE. The vulnerability is due to improper handling of Twig processing in page frontmatter, which allows an attacker to inject malicious Twig expressions and escalate privileges or execute arbitrary system commands via the scheduler API...