Cyber Posture

CVE-2025-66299

High · Public PoC

Published: 01 December 2025
Modified: 03 December 2025
KEV Added:
Patch:
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0013 (31.9th percentile)
Risk Priority: 18 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Description

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassing the existing security sandbox. Since the security sandbox does not fully protect the Twig object, it is possible to interact with it (e.g., call methods, read/write attributes) through maliciously crafted Twig template directives injected into a web page. This allows an authenticated editor to add arbitrary functions to the Twig attribute system.twig.safe_filters, effectively bypassing the Grav CMS sandbox. This vulnerability is fixed in 1.8.0-beta.27.

Mitigating Controls (NIST 800-53 r5) (AI-generated)

Prevent: Timely remediation through patching to Grav CMS 1.8.0-beta.27 directly eliminates the SSTI vulnerability and sandbox bypass.

Prevent: Validating and sanitizing user-supplied Twig template directives prevents injection of malicious code that bypasses the sandbox.

Prevent: Enforcing least privilege restricts editor permissions to trusted users only, reducing the attack surface for SSTI exploitation.

Security Summary (AI-generated)

CVE-2025-66299 is a Server-Side Template Injection (SSTI) vulnerability in Grav CMS, a file-based web platform. It affects versions prior to 1.8.0-beta.27, where the existing security sandbox does not fully protect the Twig templating object. This allows interaction with the Twig object—such as calling methods or reading/writing attributes—through maliciously crafted Twig template directives injected into a web page. Attackers can add arbitrary functions to the Twig attribute system.twig.safe_filters, effectively bypassing the sandbox.

Any authenticated user with editor permissions can exploit this vulnerability over the network with low complexity and no user interaction required. By injecting the malicious Twig directives, they achieve arbitrary code execution on the remote server. The CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) reflects high impacts on confidentiality, integrity, and availability, with associated CWEs CWE-94 (Improper Control of Generation of Code) and CWE-1336 (Incorrect Handling of Shared Resources).

The vulnerability is addressed in Grav CMS 1.8.0-beta.27. Security practitioners should upgrade to this version or later. Additional details are available in the GitHub security advisory at https://github.com/getgrav/grav/security/advisories/GHSA-gjc5-8cfh-653x and the fixing commit at https://github.com/getgrav/grav/commit/e37259527d9c1deb6200f8967197a9fa587c6458.

Details

CWE(s): CWE-94, CWE-1336

Affected Products: getgrav / grav, version 1.8.0 (≤ 1.8.0)

MITRE ATT&CK Enterprise Techniques (AI-generated)

T1068 Exploitation for Privilege Escalation (Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1221 Template Injection (Stealth): Adversaries may create or modify references in user document templates to conceal malicious code or force authentication attempts.

Why these techniques?

The SSTI vulnerability allows authenticated low-privilege editors to bypass the Grav CMS sandbox via malicious Twig templates, enabling RCE. It maps to exploitation of a public-facing application (T1190), template injection (T1221), and exploitation for privilege escalation (T1068).
