S4Ex

**Name of the Vulnerable Software and Affected Versions** Grav versions 1.7.42 through 1.7.42.1 **Description** Grav is a file-based Web-platform built in PHP. It is subject to a server side template injection (SSTI) vulnerability. The fix for another SSTI vulnerability using `|map`, `|filter` and `|reduce` twigs introduces bypass of the denylist due to incorrect return value from `isDangerousFunction()`, which allows to execute the payload prepending double backslash (``). This vulnerability can be exploited if the attacker has access to an Administrator account, or a non-administrator user account that has Admin panel access and Create/Update page permissions. **Recommendations** For Grav versions 1.7.42 through 1.7.42.1, upgrade to release version 1.7.42.2 to fix the vulnerability. As a temporary workaround, consider restricting access to the Admin panel and Create/Update page permissions to minimize the risk of exploitation. Avoid using the `|map` function with untrusted input until the issue is resolved.