CVE-2026-12188 | Grit42 Grit up to 0.11.0 GritEntityController grit_entity_controller.rb sql injection

A vulnerability, which was classified as critical, has been found in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb of the component GritEntityController. Performing a manipulation results in sql injection.

This vulnerability was named CVE-2026-12188. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More