CVE-2024-27923

Published: 2024-03-21T02:52Z

Last Modified: 2025-01-02T23:02Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt