Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the frontmatter feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.