MEDIUM
Grav
CVE published 2026-06-18
CVE-2026-11982
CVE-2026-11982 is a stored cross-site scripting (XSS) vulnerability in Grav 2.0.0-rc.9 with Admin2 2.0.0-rc.14, affecting the Admin2 Pages API save flow. The CVE record was published on 2026-06-18T17:16:28.093Z and was last modified on 2026-06-22T17:56:35.757Z. This vulnerability allows for stored cross-site scripting (XSS) attacks, which could potentially allow an attacker to inject malicious scripts int [truncated]