High severity8.8NVD Advisory· Published Jul 25, 2025· Updated Jun 17, 2026
CVE-2025-46198
CVE-2025-46198
Description
Cross Site Scripting vulnerability in grav v.1.7.48, v.1.7.47 and v.1.7.46 allows an attacker to execute arbitrary code via the onerror attribute of the img element
Affected products
2Patches
Vulnerability mechanics
References
2- rapid-echo-f9c.notion.site/Grav-XSS-1dbaf8998a078072bb30ffc9b9e7ab4anvdExploitMitigationThird Party Advisory
- tyojong.tistory.com/1nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.