Vulnerabilities > Getgrav > Grav

DATE CVE VULNERABILITY TITLE RISK
2022-02-28 CVE-2022-0743 Cross-site Scripting vulnerability in Getgrav Grav
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31.
network
getgrav CWE-79
3.5
3.5
2022-01-25 CVE-2022-0268 Cross-site Scripting vulnerability in Getgrav Grav
Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to 1.7.28.
network
getgrav CWE-79
3.5
3.5
2021-11-05 CVE-2021-3924 Path Traversal vulnerability in Getgrav Grav
grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
network
low complexity
getgrav CWE-22
5.0
5.0
2021-10-27 CVE-2021-3904 Cross-site Scripting vulnerability in Getgrav Grav
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
getgrav CWE-79
3.5
3.5
2021-09-27 CVE-2021-3818 Reliance on Cookies without Validation and Integrity Checking vulnerability in Getgrav Grav
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking
network
low complexity
getgrav CWE-565
5.0
5.0
2021-04-13 CVE-2021-29440 Code Injection vulnerability in Getgrav Grav
Grav is a file based Web-platform.
network
low complexity
getgrav CWE-94
7.2
7.2
2020-04-04 CVE-2020-11529 Open Redirect vulnerability in Getgrav Grav
Common/Grav.php in Grav before 1.7 has an Open Redirect.
network
getgrav CWE-601
5.8
5.8