getgrav/grav is vulnerable to remote code execution. An authenticated remote attacker is able to cause server side template injection via Twig
which renders risky functions by default, such as system
.
CPE | Name | Operator | Version |
---|---|---|---|
getgrav/grav | le | 1.7.33 | |
getgrav/grav | le | 1.7.33 |