Grav Cms Security Vulnerabilities and Issues — Grav Cms CVE List

Lucene search

GetgravGrav Cms

2 matches found

CVE•added 2019/09/09 2:15 a.m.•125 views

CVE-2019-16126

Grav through 1.6.15 allows (Stored) Cross-Site Scripting due to JavaScript execution in SVG images.

6.1CVSS6AI score0.00613EPSS

CVE•added 2018/03/19 9:29 p.m.•49 views

CVE-2018-5233

Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools.

6.1CVSS5.9AI score0.18828EPSS