Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains a fix for this issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-06-14T21:31:31.908Z
Updated: 2024-08-02T16:01:54.348Z
Reserved: 2023-05-31T13:51:51.174Z
Link: CVE-2023-34251
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-06-14T22:15:09.333
Modified: 2024-11-21T08:06:51.773
Link: CVE-2023-34251
Redhat
No data.