WhisperX tag archive

#Grav CMS

This page collects WhisperX intelligence signals tagged #Grav CMS. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.

Latest Signals (1)

The Lab · 2026-05-11 17:38:24 · Mastodon:mastodon.social:#infosec

1. Grav CMS Stored XSS Vulnerability CVE-2026-42612: Blacklist Bypass Enables Arbitrary JavaScript Execution for Publisher Accounts

A high-severity stored Cross-Site Scripting vulnerability has been identified in Grav, a file-based web platform, affecting all versions prior to 2.0.0-beta.2. Tracked as CVE-2026-42612 with a CVSS score of 8.5, the flaw enables publisher-level accounts to execute arbitrary JavaScript through a blacklist bypass in the ...

#CVE-2026-42612#stored XSS#cross-site scripting#Grav CMS#detectXss bypass