CVE-2021-47812

CRITICAL 9.8

GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2)

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with system command execution.

CWE	CWE-862
Vendor	getgrav
Product	gravcms
Published	Jan 15, 2026
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for getgrav gravcms

Be the first to know when new critical vulnerabilities affecting getgrav gravcms are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Getgrav / GravCMS

1.10.7

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/49973 getgrav.org: https://getgrav.org vulncheck.com: https://www.vulncheck.com/advisories/gravcms-arbitrary-yaml-writeupdate-unauthenticated

Credits

legend