Miggo Logo
Miggo Vulnerability Database
CVE-2023-31506

CVE-2023-31506: Cross-site scripting (XSS) vulnerability in Grav

5.4

CVSS Score
3.1

Basic Information

CVE ID
CVE-2023-31506
GHSA ID
GHSA-xrf8-cmrg-7436
EPSS Score
0.18757%
CWE
CWE-79
Published
2/9/2024
Updated
2/16/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
getgrav/gravcomposer< 1.7.44

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

* *ross-sit* s*riptin* (XSS) vuln*r**ility in *r*v v*rsions *.*.** *n* ***or*, *llows r*mot* *ut**nti**t** *tt**k*rs to *x**ut* *r*itr*ry w** s*ripts or *TML vi* t** onmous*ov*r *ttri*ut* o* *n ISIN**X *l*m*nt.

Reasoning

No *n*lysis *v*il**l*