Server-side Template Injection (SSTI) in grav
CVE-2023-37897

7.2HIGH

Key Information:

Vendor

Getgrav

Status
Grav
Vendor
CVE Published:
18 July 2023

What is CVE-2023-37897?

Grav, a file-based web platform built in PHP, is susceptible to a server side template injection vulnerability due to improper validation in its template processing functionality. The flaw exists because a previous fix incorrectly allows certain functions to bypass the denylist, enabling an attacker to execute malicious payloads. This exploitation requires either an administrator account or a non-administrator account with specific permissions within the admin panel. Users are strongly encouraged to update to version 1.7.42.2, where this issue has been resolved, as there are currently no known workarounds.

Affected Version(s)

grav < 1.7.42.2

References

https://github.com/getgrav/grav/security/advisories/GHSA-...
x_refsource_CONFIRM
https://github.com/getgrav/grav/commit/71bbed12f950de8335...
x_refsource_MISC
https://github.com/getgrav/grav/commit/b4c62101a43051fc7f...
x_refsource_MISC

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.