CVE-2025-66299 | grav up to 1.8.0-beta.27 Twig code injection (GHSA-gjc5-8cfh-653x)

A vulnerability marked as critical has been reported in grav up to 1.8.0-beta.27. This impacts an unknown function of the component Twig Handler. This manipulation causes code injection.

This vulnerability is registered as CVE-2025-66299. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More