CVE-2025-66297 | grav up to 1.8.0-beta.27 Twig special elements used in a template engine (GHSA-858q-77wx-hhx6)

A vulnerability identified as critical has been detected in grav up to 1.8.0-beta.27. This issue affects some unknown processing of the component Twig Handler. Performing manipulation results in improper neutralization of special elements used in a template engine.

This vulnerability is cataloged as CVE-2025-66297. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More