0.001 Low
EPSS
Percentile
21.6%
getgrav/grav is vulnerable to cross-site scripting. This is due to improper encoding of the `` tags, which allows an attacker to insert and execute malicious javascript.
github.com/getgrav/grav/commit/afc69a3229bb6fe120b2c1ea27bc6f196ed7284d
huntr.dev/bounties/b1182515-d911-4da9-b4f7-b4c341a62a8d
huntr.dev/bounties/b1182515-d911-4da9-b4f7-b4c341a62a8d/