CVE-2025-66311
CVE-2025-66311 refers to a Stored XSS vulnerability in Grav’s admin interface. The issue is in the "/admin/pages/[page]" endpoint where un sanitized input could be injected into data[header][metadata], data[header][taxonomy][category], and data[header][taxonomy][tag], with payloads stored in page...