CVE-2022-1173

stored xss in getgrav/grav

CVSS 8.2 HIGHEPSS 1.5%CWE-79

stored xss in GitHub repository getgrav/grav prior to 1.7.33.

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H

Affected products

getgrav · getgrav/grav

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/getgrav/grav/commit/1c0ed43afa5dc14169e6aa693b38e1a2f7aecad9 https://huntr.dev/bounties/b6016e95-9f48-4945-89cb-199b6e072218