GHSA-r6hh-5g3q-wwgc

GitHub Security Advisory

Stored Cross-site Scripting in grav

✓ GitHub Reviewed HIGH Has CVE

Grav prior to 1.7.31 is vulnerable to stored cross-site scripting.

Packagist getgrav/grav

Affected versions: 0 (fixed in 1.7.31)

CVE-2022-0970

GHSA ID

GHSA-r6hh-5g3q-wwgc

Published

March 16, 2022 12:00 AM

Last Modified

March 28, 2022 10:27 PM

CVSS Score

7.5 /10

Primary Ecosystem

Packagist

Primary Package

getgrav/grav

GitHub Reviewed

✓ Yes

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.