Product
Grav API Plugin Vulnerable to CORS Misconfiguration Allowing Data Exposure and Unauthorized Operations
1 rule 3 TTPs 1 CVEThe Grav API plugin before version 1.0.0-rc.16 contains a CORS misconfiguration that sets `Access-Control-Allow-Origin: *` by default, enabling an attacker to perform authenticated cross-origin requests from a malicious website after obtaining a valid API token, leading to sensitive data exfiltration and unauthorized write operations.
Grav API Plugin Vulnerability Exposes JWT Access Tokens via URL Parameter
1 rule 6 TTPs 1 CVEThe Grav API plugin (getgrav/grav-plugin-api) before version 1.0.0-rc.16 is vulnerable to sensitive information exposure, accepting JWT access tokens via the '?token=' URL query parameter, causing these tokens to be logged in web server access logs, browser history, and potentially leaked through Referer headers, proxy, or CDN logs, which allows an attacker to gain unauthorized API access, read configuration and user data, create new admin accounts, modify system settings, and delete pages.