CNNVD-202507-3328 Information

CNNVD ID

CNNVD-202507-3328

Related CVE

CVE-2025-46199

• CNNVD Published: 2025-07-25

Description (Chinese)

Grav是Grav开源的一套可扩展的用于个人博客、小型内容发布平台和单页产品展示的CMS（内容管理系统）。 Grav 1.7.48及之前版本存在安全漏洞，该漏洞源于表单字段输入验证不足，可能导致跨站脚本。

Description (English)

Grav is an extended set of CMS (Content Management System) for personal blogs, small content distribution platforms and single-page product presentations. Grav 1.7.48 and previous versions had a security loophole, which stemmed from inadequate validation of table field input, which could lead to cross-site scripts.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Grav

Published

2025-07-25

Last Modified

2026-02-24

References

https://rapid-echo-f9c.notion.site/Grav-XSS-25-04-21-1dcaf8998a078001a2eff3dc47974d6d?pvs=4 https://tyojong.tistory.com/2