VYPR
High severityNVD Advisory· Published Mar 15, 2021· Updated Aug 4, 2024

CVE-2020-29553

CVE-2020-29553

Description

The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website (CSRF).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
getgrav/gravPackagist
>= 1.7.0-beta.1, <= 1.7.0-rc.17
getgrav/gravPackagist
< 1.6.301.6.30

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.