3 matches found
CVE-2021-21425
GravCMS (Grav Admin Plugin)
CVE-2021-3920
The CVE-2021-3920 entry concerns grav-plugin-admin for Grav CMS. The vulnerability is Improper Neutralization of Input During Web Page Generation (Cross-Site Scripting). The issue is a stored XSS in getgrav/grav-plugin-admin per the CVE record. Affected component: grav-plugin-admin plugin; root c...
CVE-2021-3799
CVE-2021-3799 relates to grav-plugin-admin, where the vulnerability arises from improper restriction of rendered UI layers or frames. The connected documents consistently describe an admin UI access-control/UI-layer restriction flaw that can enable clickjacking due to missing frame protection hea...