Server-side Template Injection (SSTI)
getgrav/grav is vulnerable to Server-side Template Injection (SSTI). The vulnerability exists in the filterFilter function of GravExtension.php, because an array might omit the validation check when the parameter is a string. This enables an authenticated attacker to insert malicious templates and perfo...
Server-Side Template Injection (SSTI)
getgrav/grav is vulnerable to Server-Side Template Injection (SSTI). The vulnerability exists because the Filter function of GravExtension.php does not properly block the other built-in functions exposed by Twig's Core Extension, which allows an attacker to invoke arbitrary unsafe functions, leadin...