SecuriTricks - CVE-2025-66307

Description

This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a user enumeration and email disclosure vulnerability exists in Grav. The "Forgot Password" functionality at /admin/forgot leaks information about valid usernames and their associated email addresses through distinct server responses. This allows an attacker to enumerate users and disclose sensitive email addresses, which can be leveraged for targeted attacks such as password spraying, phishing, or social engineering. This vulnerability is fixed in 1.11.0-beta.1.

Product(s) Impacted

Vendor	Product	Versions
Getgrav	Grav-plugin-admin	*

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-204

Observable Response Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	getgrav	grav-plugin-admin	/	/	/	/	/	/	/	/

References

https://github.com/getgrav/grav-plugin-admin/commit/99f653296504f1d6408510dd2f6f20a45a26f9b0

https://github.com/getgrav/grav/security/advisories/GHSA-q3qx-cp62-f6m7

CVSS Score

6.5 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

View Vector String

Timeline

Published: Dec. 1, 2025, 10:15 p.m.
Last Modified: Dec. 3, 2025, 9:58 p.m.

Status : Analyzed

CVE has had analysis completed and all data associations made.

More info

Source

security-advisories@github.com

CVE-2025-66307