CVE-2025-66310 | grav up to 1.10.x Admin Plugin /admin/pages/ cross site scripting (GHSA-7g78-5g5g-mvfj)

A vulnerability, which was classified as problematic, was found in grav up to 1.10.x. The affected element is an unknown function of the file /admin/pages/ of the component Admin Plugin. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-66310. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More