CVE-2026-42845 Grav: Anonymous Page Content Overwrite via Form File Upload filename Override
The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0, there is an unauthenticated page-content overwrite via file upload (GHSA-w4rc-p66m-x6qq). Public form uploads now strip path components from the POST-supplied filename and hard-block page-content extensions (md, yaml...
EUVD-2024-0998
Malicious code in bioql PyPI...
Code Injection
getgrav/grav is vulnerable to Code Injection. The vulnerability is due to unrestricted access to the Twig extension class from the Grav context. This flaw allows attackers to redefine configuration variables and bypass previous Server-Side Template Injection (SSTI) mitigations...
Code Injection
getgrav/grav is vulnerable to Code Injection. The vulnerability is due to unrestricted access to the Twig extension class from the Grav context within twig.php, which allows attackers to redefine the escape function and execute arbitrary commands...
GHSA-2M7X-C7PX-HP58 Server Side Template Injection (SSTI) via Twig escape handler
Summary: Due to the unrestricted access to the Twig extension class from the Grav context, an attacker can redefine the escape function and execute arbitrary commands. Details: https://github.com/twigphp/Twig/blob/3.x/src/Extension/EscaperExtension.php#L99 (PHP: "Defines a new escaper to be used via the esca...")
GHSA-R6VW-8V8R-PMP4 Server Side Template Injection (SSTI)
Summary: Due to the unrestricted access to the Twig extension class from the Grav context, an attacker can redefine the config variable. As a result, the attacker can bypass the previous patch. Details: The Twig context has a function declared called getFunction: `public function getFunction($name) { if...`
CVE-2024-28119 Grav vulnerable to Server Side Template Injection (SSTI) via Twig escape handler
Grav is an open-source, flat-file content management system. Prior to version 1.7.45, due to the unrestricted access to the Twig extension class from the Grav context, an attacker can redefine the escape function and execute arbitrary commands. Twig processing of static pages can be enabled in the front...
Grav Code Injection Vulnerability
Grav is an extensible CMS (Content Management System) for personal blogs, small content publishing platforms, and one-page product presentations. A security vulnerability exists in Grav prior to version 1.7.45, which stems from unrestricted access to the Twig extension class from the Grav environme...
Grav Security Vulnerability
Grav is an extensible CMS (Content Management System) for personal blogs, small content publishing platforms, and one-page product displays. A security vulnerability exists in Grav prior to version 1.7.45, which stems from unrestricted access to the Twig extension class from the Grav environment...
PT-2024-22273 · Grav · Grav
Name of the Vulnerable Software and Affected Versions: Grav versions prior to 1.7.45. Description: The issue arises due to unrestricted access to the Twig extension class from the Grav context, allowing an attacker to redefine config variables and bypass the previous SSTI mitigation. This can lead to...
CVE-2023-46734: Potential XSS vulnerabilities in CodeExtension filters
Affected versions: Symfony versions >=2.0.0,<4.4.51, >=5.0.0,<5.4.31, and >=6.0.0,<6.3.8 of the Symfony Twig Bridge are affected by this security issue. The issue has been fixed in Symfony 4.4.51, 5.4.31, and 6.3.8. All other versions are not maintained anymore. Description: Some filters in the CodeExtension...