![](/assets/img/cve_300x82_sin_bg.png)
CVE-2023-34253 – Grav vulnerable to Server-side Template Injection (SSTI) via Denylist Bypass
https://notcve.org/view.php?id=CVE-2023-34253
14 Jun 2023 — Grav is a flat-file content management system. Prior to version 1.7.42, the denylist introduced in commit 9d6a2d to prevent dangerous functions from being executed via injection of malicious templates was insufficient and could be easily subverted in multiple ways: (1) using unsafe functions that are not banned, (2) using capitalised callable names, and (3) using fully-qualified names for referencing callables. Consequently, a low-privileged attacker with login access to Grav Admin panel and page creation... • https://github.com/getgrav/grav/blob/1.7.40/system/src/Grav/Common/Utils.php#L1952-L2190 • CWE-94: Improper Control of Generation of Code ('Code Injection'); CWE-184: Incomplete List of Disallowed Inputs; CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine
CVE-2023-34252 – Grav Server-side Template Injection via Insufficient Validation in filterFilter
https://notcve.org/view.php?id=CVE-2023-34252
14 Jun 2023 — Grav is a flat-file content management system. Prior to version 1.7.42, there is a logic flaw in the `GravExtension.filterFilter()` function whereby validation against a denylist of unsafe functions is only performed when the argument passed to filter is a string. However, passing an array as a callable argument allows the validation check to be skipped. Consequently, a low-privileged attacker with login access to Grav Admin panel and page creation/update permissions is able to inject malicious templates to... • https://github.com/getgrav/grav/blob/1.7.40/system/src/Grav/Common/Twig/Extension/GravExtension.php#L1692-L1698 • CWE-94: Improper Control of Generation of Code ('Code Injection'); CWE-184: Incomplete List of Disallowed Inputs; CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine
CVE-2023-34251 – Grav Server Side Template Injection vulnerability
https://notcve.org/view.php?id=CVE-2023-34251
14 Jun 2023 — Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server-side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains a fix for this issue. • https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Twig/Extension/GravExtension.php#L174 • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2022-2073 – Code Injection in getgrav/grav
https://notcve.org/view.php?id=CVE-2022-2073
29 Jun 2022 — Code Injection in GitHub repository getgrav/grav prior to 1.7.34. • https://github.com/getgrav/grav/commit/9d6a2dba09fd4e56f5cdfb9a399caea355bfeb83 • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2022-1173 – stored xss in getgrav/grav
https://notcve.org/view.php?id=CVE-2022-1173
26 Apr 2022 — Stored XSS in GitHub repository getgrav/grav prior to 1.7.33. • https://github.com/getgrav/grav/commit/1c0ed43afa5dc14169e6aa693b38e1a2f7aecad9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0970 – Cross-site Scripting (XSS) - Stored in getgrav/grav
https://notcve.org/view.php?id=CVE-2022-0970
15 Mar 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31. • https://github.com/getgrav/grav/commit/f19297d5f70476e7bedae9f2acef6b43615538b8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0743 – Cross-site Scripting (XSS) - Stored in getgrav/grav
https://notcve.org/view.php?id=CVE-2022-0743
28 Feb 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31. • https://github.com/getgrav/grav/commit/3dd0cabeac9835fe64dcb4b68c658b39f1f6be2f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0268 – Cross-site Scripting (XSS) - Stored in getgrav/grav
https://notcve.org/view.php?id=CVE-2022-0268
25 Jan 2022 — Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to 1.7.28. • https://github.com/getgrav/grav/commit/6f2fa9311afb9ecd34030dec2aff7b39e9e7e735 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3924 – Path Traversal in getgrav/grav
https://notcve.org/view.php?id=CVE-2021-3924
05 Nov 2021 — Grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'). • https://github.com/getgrav/grav/commit/8f9c417c04b89dc8d2de60b95e7696821b2826ce • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-3904 – Cross-site Scripting (XSS) - Stored in getgrav/grav
https://notcve.org/view.php?id=CVE-2021-3904
27 Oct 2021 — Grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). • https://github.com/getgrav/grav/commit/afc69a3229bb6fe120b2c1ea27bc6f196ed7284d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')