Grav Plugin Admin
CVE-2021-3799
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames
AnalysisAI
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified under CWE-1021. grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames Affected products include: Getgrav Grav-Plugin-Admin.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Grav Plugin Admin
View allGrav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. Rated cri
A security vulnerability in This admin (CVSS 6.5). Risk factors: public PoC available. Vendor patch is available.
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create
grav-plugin-admin is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
Share
External POC / Exploit Code
Leaving vuln.today