CVE-2024-28119: Server Side Template Injection (SSTI) via Twig escape handler
Due to unrestricted access to the Twig extension class from the Grav template context, an attacker can redefine the escape function and execute arbitrary commands.
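The following is an added example, not code from Grav or Twig and not the fix referenced below. It shows the two halves of the advisory's point in plain Twig: first, that whoever can call `EscaperExtension::setEscaper()` chooses the callable that runs on every value piped through `|escape('<strategy>')` (a benign `strtoupper` stands in for what an attacker would register); second, how Twig's own sandbox policy refuses a template that tries to reach the extension through an `Environment` object in the context. It assumes Twig 3.x installed via Composer; the global named `twig` and the `escaper_class` variable are constructed here to mimic "an environment object reachable from the context" and are not Grav's real context.

```php
<?php
// Added example (not Grav's or Twig's own code). Assumes Twig 3.x via Composer.
require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Extension\EscaperExtension;
use Twig\Extension\SandboxExtension;
use Twig\Loader\ArrayLoader;
use Twig\Sandbox\SecurityError;
use Twig\Sandbox\SecurityPolicy;

// Part 1: why reaching setEscaper() from a template matters.
// A registered escaper is an arbitrary PHP callable; Twig invokes it as
// callable($env, $string, $charset) for every |escape('demo') in any template.
function demonstrateEscaperOverride(): string
{
    $twig = new Environment(
        new ArrayLoader(['page' => "{{ user_input|escape('demo') }}"]),
        ['autoescape' => false]
    );

    // Benign stand-in for the callable an attacker would register instead.
    $twig->getExtension(EscaperExtension::class)->setEscaper(
        'demo',
        fn (Environment $env, string $value, string $charset): string => strtoupper($value)
    );

    return $twig->render('page', ['user_input' => 'hello']);
}

// Part 2: a generic Twig-level restriction (not the Grav patch). With the
// sandbox enabled for every template, any method call on any object in the
// context must appear in the SecurityPolicy allow-list; Environment::getExtension()
// does not, so the probe below is stopped before it can touch the escaper.
function renderInSandbox(bool $sandboxed, string $template): string
{
    $twig = new Environment(
        new ArrayLoader(['page' => $template]),
        ['autoescape' => false]
    );

    // Hypothetical: expose the Environment object itself to templates, as a
    // stand-in for the kind of context object the advisory describes.
    $twig->addGlobal('twig', $twig);
    $twig->addGlobal('escaper_class', EscaperExtension::class);

    if ($sandboxed) {
        // Arguments: allowed tags, filters, methods (class => [method]),
        // properties, functions. An empty methods list blocks all method calls.
        $policy = new SecurityPolicy([], ['escape'], [], [], []);
        $twig->addExtension(new SandboxExtension($policy, true));
    }

    try {
        return $twig->render('page');
    } catch (SecurityError $e) {
        return 'blocked: ' . get_class($e);
    }
}

// Template a malicious author would start from: reach the extension object.
$probe = "{{ twig.getExtension(escaper_class) ? 'extension reachable' : 'nothing' }}";

echo demonstrateEscaperOverride(), PHP_EOL;   // HELLO
echo renderInSandbox(false, $probe), PHP_EOL; // extension reachable
echo renderInSandbox(true, $probe), PHP_EOL;  // blocked: Twig\Sandbox\SecurityNotAllowedMethodError
```

Note that the sandbox only helps when it is enabled for every template (the second constructor argument) and when nothing in the context hands templates an object whose allowed methods can in turn reach the `Environment`; an allow-list that includes `getExtension` or `setEscaper` on any reachable class reopens the same path.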
References
- github.com/advisories/GHSA-2m7x-c7px-hp58
- github.com/getgrav/grav
- github.com/getgrav/grav/commit/de1ccfa12dbcbf526104d68c1a6bc202a98698fe
- github.com/getgrav/grav/security/advisories/GHSA-2m7x-c7px-hp58
- github.com/twigphp/Twig/blob/3.x/src/Extension/EscaperExtension.php
- nvd.nist.gov/vuln/detail/CVE-2024-28119