Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a business logic vulnerability in the Grav Admin Panel allows a low-privileged user (with only user creation permissions) to overwrite existing accounts, including the primary administrator. By creating a new user with a username that already exists, the system updates the existing account's metadata and permissions instead of rejecting the request. This leads to a Denial of Service (DoS) on administrative functions and Privilege De-escalation of the root account. This vulnerability is fixed in 2.0.0-beta.2.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HGetgrav Grav
APPGetgrav2.0.0≤ 1.8.0
Related vulnerabilities
GravCMS – nieuwierzytelniony zapis YAML i zdalne wykonanie kodu PHP
SSRF w Getgrav Grav przez szablony Twig — dostęp do zasobów wewnętrznych
XSS umożliwiający wykonanie kodu w Getgrav Grav (≤ 1.7.48)
Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template...
Grav is a file-based Web platform. In Grav 2.0.0-beta.2, a low-privileged authenticated API user with api.medi...