CVE-2025-66311 | grav up to 1.10.x Admin Plugin /admin/pages/ cross site scripting (GHSA-mpjj-4688-3fxg)

A vulnerability has been found in grav up to 1.10.x and classified as problematic. The impacted element is an unknown function of the file /admin/pages/ of the component Admin Plugin. Performing manipulation results in cross site scripting.

This vulnerability is known as CVE-2025-66311. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More