CVE-2021-3818: Reliance on Cookies without Validation and Integrity Checking

September 29, 2021 (updated October 4, 2021)

grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking

References

github.com/advisories/GHSA-cg3q-59w7-rvc2
github.com/getgrav/grav/commit/c51fb1779b83f620c0b6f3548d4a96322b55df07
huntr.dev/bounties/c2bc65af-7b93-4020-886e-8cdaeb0a58ea

Detect and mitigate CVE-2021-3818 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →