A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| getgrav/grav(Packagist) | 0 | N/A | N/A |
CVSS Metrics
