CVE-2021-3924 – Path Traversal in getgrav/grav
https://notcve.org/view.php?id=CVE-2021-3924
grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') grav es vulnerable a una limitación inadecuada de un nombre de ruta a un directorio restringido ("Salto de Ruta") • https://github.com/getgrav/grav/commit/8f9c417c04b89dc8d2de60b95e7696821b2826ce https://huntr.dev/bounties/7ca13522-d0c9-4eff-a7dd-6fd1a7f205a2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2021-3904 – Cross-site Scripting (XSS) - Stored in getgrav/grav
https://notcve.org/view.php?id=CVE-2021-3904
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') grav es vulnerable a una Neutralización Inapropiada de Entradas Durante la Generación de Páginas Web ("Cross-site Scripting") • https://github.com/getgrav/grav/commit/afc69a3229bb6fe120b2c1ea27bc6f196ed7284d https://huntr.dev/bounties/b1182515-d911-4da9-b4f7-b4c341a62a8d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-3818 – Reliance on Cookies without Validation and Integrity Checking in getgrav/grav
https://notcve.org/view.php?id=CVE-2021-3818
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking grav es vulnerable a una Dependencia de Cookies sin comprobación ni Comprobación de Integridad • https://github.com/getgrav/grav/commit/c51fb1779b83f620c0b6f3548d4a96322b55df07 https://huntr.dev/bounties/c2bc65af-7b93-4020-886e-8cdaeb0a58ea • CWE-565: Reliance on Cookies without Validation and Integrity Checking •
CVE-2021-3799 – Improper Restriction of Rendered UI Layers or Frames in getgrav/grav-plugin-admin
https://notcve.org/view.php?id=CVE-2021-3799
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames grav-plugin-admin es vulnerable a una Restricción Inapropiada de Capas o Marcos de Interfaz de Usuario Renderizados • https://github.com/getgrav/grav-plugin-admin/commit/853abfbbd3c14a0a601c941dcfaa3858b6283b69 https://huntr.dev/bounties/d73f24a8-302b-4f9f-abb8-54688abd9813 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVE-2021-29440 – Twig allowing dangerous PHP functions by default
https://notcve.org/view.php?id=CVE-2021-29440
Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. The issue was addressed in version 1.7.11. Grav es una plataforma web basada en archivos. • https://www.exploit-db.com/exploits/49961 https://github.com/CsEnox/CVE-2021-29440 http://packetstormsecurity.com/files/162987/Grav-CMS-1.7.10-Server-Side-Template-Injection.html https://blog.sonarsource.com/grav-cms-code-execution-vulnerabilities https://github.com/getgrav/grav/security/advisories/GHSA-g8r4-p96j-xfxc https://packagist.org/packages/getgrav/grav • CWE-94: Improper Control of Generation of Code ('Code Injection') •