181 matches found
CVE-2025-65186
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize...
Cross-site Scripting (XSS)
Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the admin/edit endpoint. An attacker can execute arbitrary scripts in the context of the admin interface by...
EUVD-2025-200265
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
Grav CMS is vulnerable to Cross Site Scripting (XSS) in the page editor
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
GHSA-CCHQ-397M-Q2QM Grav CMS is vulnerable to Cross Site Scripting (XSS) in the page editor
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
CVE-2025-65186
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
CVE-2025-65186
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
CVE-2025-65186
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
PT-2025-48711
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
CVE-2025-65186
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...
CVE-2025-65186
Summary (CVE-2025-65186): Grav CMS 1.7.49 is reported vulnerable to Cross Site Scripting (XSS) via the page editor. The Markdown editor does not adequately sanitize script tags, enabling stored XSS payloads that execute when pages are viewed in the admin interface. Affected component: the admin/p...
EUVD-2021-12814
Malware in sbrugna...
EUVD-2020-11848
Malware in sbrugna...
EUVD-2021-13619
Malware in sbrugna...
EUVD-2021-25752
Malware in sbrugna...
EUVD-2020-3434
Malware in sbrugna...
EUVD-2022-29622
Malicious code in bioql PyPI...
EUVD-2024-39062
Malicious code in bioql PyPI...
EUVD-2023-1282
Malicious code in bioql PyPI...
EUVD-2024-1633
Malicious code in bioql PyPI...