High severity7.6NVD Advisory· Published Mar 30, 2026· Updated Apr 6, 2026
CVE-2026-29924
CVE-2026-29924
Description
Grav CMS v1.7.x and before is vulnerable to XML External Entity (XXE) through the SVG file upload functionality in the admin panel and File Manager plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.