How to fix EUVD-2025-200109?

Within 24 hours: Audit all user accounts with editor roles in Grav and disable or restrict access for any accounts outside your trusted team; immediately review recent form modifications in admin logs for unauthorized changes to form processing rules. Within 7 days: Implement network-based access controls limiting administrative access to Grav to authorized personnel only; deploy WAF rules to block POST requests to /admin/pages/* from untrusted sources. Within 30 days: Upgrade to Grav 1.8.0-beta.27 or later when available; conduct a full security audit of all form configurations for signs of tampering.

Is Grav affected by EUVD-2025-200109?

A critical authorization flaw in Grav CMS (CVE-2025-66301) allows editors with basic content permissions to modify form processing logic, potentially enabling data exfiltration, malicious actions, or further system compromise.

EUVD-2025-200109

| CVE-2025-66301 CRITICAL

2025-12-01 [email protected]

GHSA-v8x2-fjv7-8hjh

9.6

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Patch Released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 15, 2026 - 13:34 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 13:34 euvd

EUVD-2025-200109

PoC Detected

Dec 03, 2025 - 15:50 vuln.today

Public exploit code

CVE Published

Dec 01, 2025 - 22:15 nvd

CRITICAL 9.6

Description

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, due to improper authorization checks when modifying critical fields on a POST request to /admin/pages/{page_name}, an editor with only permissions to change basic content on the form is now able to change the functioning of the form through modifying the content of the data[_json][header][form] which is the YAML frontmatter which includes the process section which dictates what happens after a user submits the form which include some important actions that could lead to further vulnerabilities. This vulnerability is fixed in 1.8.0-beta.27.

Analysis

Technical Context

This vulnerability is classified as Improper Authorization (CWE-285).

Affected Products

Affected products: Getgrav Grav

Remediation

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

Priority Score

100

Low Medium High Critical

KEV: 0

EPSS: +31.9

CVSS: +48

POC: +20

EUVD-2025-200109 vulnerability details – vuln.today

Back

EUVD-2025-200109

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

EUVD-2025-200109

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code