WRITEUP
Exploit for CVE-2025-66307
- Grav <1.11.0-beta.1 - Info Disclosure
AI Analysis
This patch addresses multiple security vulnerabilities in the Grav CMS Admin plugin: user enumeration, where the password-reset form's rate-limit messaging differed depending on whether the submitted account existed, so the response itself told an attacker which usernames are valid; stored XSS in group display names; and XSS in taxonomy fields and selectize dropdowns. The fixes return the same generic message on every password-reset path regardless of account existence, HTML-escape the affected values, and render them through safe rendering functions.
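The two issue classes above, shown side by side as an added illustration. This is not Grav's code: the user store, the message strings, the 60-second rate-limit window and the group-name rendering helper are all assumptions made for the example. The vulnerable reset handler only tracks and reports rate limiting for accounts that exist, so two back-to-back requests act as an existence oracle; the hardened handler keys the limit on the submitted name and answers identically on every path. The rendering pair shows the unescaped group display name beside its escaped form.

```python
import html
import time

GENERIC = "If that account exists, a reset link has been sent"   # assumed wording
RATE_LIMITED = "Too many reset attempts; try again later"        # assumed wording
RESET_WINDOW = 60.0  # seconds; assumed value


class ResetService:
    """Toy password-reset backend with an injectable clock (constructed example)."""

    def __init__(self, users, clock=time.time):
        self.users = set(users)
        self.last_request = {}   # username -> timestamp of last accepted request
        self.sent = []           # usernames a reset mail was 'sent' to
        self.clock = clock

    def vulnerable_reset(self, username):
        # Rate limiting is only tracked, and only reported, for real accounts.
        # A second request for a real account gets RATE_LIMITED; a second
        # request for an unknown name gets GENERIC again. That difference
        # is the enumeration oracle.
        now = self.clock()
        if username in self.users:
            last = self.last_request.get(username)
            if last is not None and now - last < RESET_WINDOW:
                return RATE_LIMITED
            self.last_request[username] = now
            self.sent.append(username)
        return GENERIC

    def hardened_reset(self, username):
        # Limit is keyed on the submitted name whether or not it exists, and
        # the rate-limited path is silent: every caller sees GENERIC.
        now = self.clock()
        last = self.last_request.get(username)
        if last is not None and now - last < RESET_WINDOW:
            return GENERIC
        self.last_request[username] = now
        if username in self.users:
            self.sent.append(username)
        return GENERIC


def enumerate_users(reset_fn, candidates, probe="zz-no-such-user-probe"):
    """Attacker's view: compare each candidate's two-request response pair
    against the pair produced by a name that certainly does not exist."""
    baseline = (reset_fn(probe), reset_fn(probe))
    return [c for c in candidates if (reset_fn(c), reset_fn(c)) != baseline]


def render_group_row_vulnerable(display_name):
    # Interpolates the stored display name straight into markup (stored XSS).
    return "<td>" + display_name + "</td>"


def render_group_row(display_name):
    # Escapes &, <, >, " and ' before the value reaches the page.
    return "<td>" + html.escape(display_name, quote=True) + "</td>"


if __name__ == "__main__":
    candidates = ["admin", "nobody", "editor", "guest"]
    fixed_clock = lambda: 1000.0   # both requests land inside the window
    vuln = ResetService(["admin", "editor"], clock=fixed_clock)
    print("vulnerable leaks:", enumerate_users(vuln.vulnerable_reset, candidates))
    safe = ResetService(["admin", "editor"], clock=fixed_clock)
    print("hardened leaks:  ", enumerate_users(safe.hardened_reset, candidates))
    payload = '<img src=x onerror="alert(1)">'
    print(render_group_row_vulnerable(payload))
    print(render_group_row(payload))
```

The enumeration helper never relies on the exact wording of the messages, only on whether a known-bad name and the candidate produce the same response sequence, which is why a fix has to make every path identical rather than just reword the rate-limit message.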
Attack Type
XSS | info_leak
Complexity
moderate
Reliability
reliable