CVE-2025-66307
BaseFortify
Publication date: 2025-12-01
Last updated on: 2025-12-03
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| getgrav | grav-plugin-admin | up to and including 1.10.50 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-204 | The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The Grav admin plugin before version 1.11.0-beta.1 is affected. Its "Forgot Password" endpoint at /admin/forgot returns different responses depending on whether the submitted username exists, and for a valid username the response also includes the account's associated e-mail address. Because this flow is reachable without credentials, an attacker can enumerate valid usernames and disclose their e-mail addresses simply by comparing the responses.
How can this vulnerability impact me?
An attacker can use this vulnerability to enumerate valid users and obtain their email addresses. This information can be leveraged for targeted attacks such as password spraying, phishing, or social engineering, potentially compromising user accounts and system security.
What immediate steps should I take to mitigate this vulnerability?
Upgrade the Grav admin plugin to version 1.11.0-beta.1 or later, which fixes the user enumeration and e-mail disclosure in the "Forgot Password" functionality. After upgrading, confirm the fix by submitting a username that exists and one that does not to /admin/forgot: the two responses should be identical and neither should contain an e-mail address.
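The following is an added example, not code from Grav or its admin plugin, that models the weakness described above (CWE-204) and the shape of the fix. `forgot_vulnerable` shows a handler that answers differently for known and unknown usernames and echoes the stored e-mail address; `forgot_hardened` returns one fixed response either way. `probe` is the check a practitioner would run against both: it compares a known and an unknown username and reports whether the endpoint is distinguishable and whether any response leaks an e-mail address. The account store, outbox, function names and messages are all hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Constructed sample account store (hypothetical data, not from any real site).
USERS = {"admin": "admin@example.org", "editor": "editor@example.org"}

# Stand-in for an outgoing mail queue so the example runs offline.
OUTBOX: List[Tuple[str, str]] = []

# Loose e-mail matcher used only to spot an address echoed in a response body.
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")


@dataclass(frozen=True)
class Response:
    status: int
    body: str


def forgot_vulnerable(username: str) -> Response:
    """Response discrepancy: status and text reveal whether the user exists,
    and the stored e-mail address is echoed back for valid accounts."""
    email = USERS.get(username)
    if email is None:
        return Response(404, "Username not found")
    OUTBOX.append((email, "password reset link"))
    return Response(200, f"A password reset link has been sent to {email}")


def forgot_hardened(username: str) -> Response:
    """Uniform response: the reset mail is still sent only for real accounts,
    but the caller gets the same status and text regardless, and the address
    on file is never included in the reply."""
    email = USERS.get(username)
    if email is not None:
        OUTBOX.append((email, "password reset link"))
    return Response(
        200,
        "If an account with that username exists, a reset link has been "
        "sent to the e-mail address on file.",
    )


def probe(handler: Callable[[str], Response], known: str, unknown: str) -> Dict[str, bool]:
    """Enumeration check: submit a username known to exist and one known not
    to, then compare the two responses.  'distinguishable' means the endpoint
    acts as a user-existence oracle; 'leaks_email' means an address appeared
    in at least one response body."""
    a, b = handler(known), handler(unknown)
    return {
        "distinguishable": (a.status, a.body) != (b.status, b.body),
        "leaks_email": bool(EMAIL_RE.search(a.body) or EMAIL_RE.search(b.body)),
    }


if __name__ == "__main__":
    for name, handler in (("vulnerable", forgot_vulnerable), ("hardened", forgot_hardened)):
        print(name, probe(handler, "admin", "no-such-user"))
```

The same comparison, performed over HTTP against a real /admin/forgot with one username that exists and one random string, is how to verify that an upgrade actually closed the hole. Note that a uniform response body only removes the discrepancy this CVE is about; if sending the reset mail takes measurably longer than skipping it, the endpoint can still be distinguished by timing (a separate weakness, CWE-208), which is why production handlers typically queue the mail asynchronously rather than sending it inline.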