stored xss in getgrav/grav
Mar 26th 2022
Proof of Concept
1. A low-priv user create a page with the following payload:
a'"></title></script><img src=x onerror=confirm(document.domain)></p>
2. Victim visit the page and see xss is executed
XSS alert will show the domain name.