CVE-2025-66300 | grav up to 1.8.0-beta.27 Frontmatter Form /grav/user/accounts/ path traversal (GHSA-p4ww-mcp9-j6f2)

A vulnerability categorized as critical has been discovered in grav up to 1.8.0-beta.27. The affected element is an unknown function of the file /grav/user/accounts/ of the component Frontmatter Form. Executing manipulation can lead to path traversal.

This vulnerability is tracked as CVE-2025-66300. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More