Vulnerabilities > Getgrav > Grav > 1.7.33

DATE CVE VULNERABILITY TITLE RISK
2024-02-09 CVE-2023-31506 Cross-site Scripting vulnerability in Getgrav Grav
A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element.
network
low complexity
getgrav CWE-79
5.4
5.4
2023-06-14 CVE-2023-34448 Code Injection vulnerability in Getgrav Grav
Grav is a flat-file content management system.
network
low complexity
getgrav CWE-94
7.2
7.2
2023-06-14 CVE-2023-34452 Cross-site Scripting vulnerability in Getgrav Grav
Grav is a flat-file content management system.
network
low complexity
getgrav CWE-79
6.1
6.1
2023-06-14 CVE-2023-34251 Code Injection vulnerability in Getgrav Grav
Grav is a flat-file content management system.
network
low complexity
getgrav CWE-94
7.2
7.2