3 matches found
CVE-2018-5233
Cross-site scripting XSS vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to admin/tools...
CVE-2018-5233
Grav CMS
Grav CMS 1.2.4 Cross Site Scripting
CVE-2018-5233 Grav CMS admin plugin Reflected Cross Site Scripting XSS vulnerability Description Grav CMS is a flat-file CMS using Markdown files for content management Official Website. It has been elected "Best Open Source CMS of 2016" by CMS critic. The application does not always filter user...