Количество 2
Количество 2
CVE-2025-66844
около 2 месяцев назад
In grav <1.7.49.5, a SSRF (Server-Side Request Forgery) vector may be triggered via Twig templates when page content is processed by Twig and the configuration allows undefined PHP functions to be registered
CVSS3: 9.1
EPSS: Низкий
GHSA-729w-j79f-2c34
около 2 месяцев назад
Grav may be vulnerable to SSRF attack via Twig Templates
CVSS3: 9.1
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-66844 In grav <1.7.49.5, a SSRF (Server-Side Request Forgery) vector may be triggered via Twig templates when page content is processed by Twig and the configuration allows undefined PHP functions to be registered | CVSS3: 9.1 | 0% Низкий | около 2 месяцев назад |
| GHSA-729w-j79f-2c34 Grav may be vulnerable to SSRF attack via Twig Templates | CVSS3: 9.1 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу
20