Unknown · Getgrav/Grav · CVE-2022-0743
**Name of the Vulnerable Software and Affected Versions**
getgrav/grav versions prior to 1.7.31
**Description**
The issue is a stored cross-site scripting (XSS) vulnerability in which user input is not properly sanitized. This type of attack occurs when an application includes user input in its output without proper validation, allowing an attacker to inject malicious scripts into the application.
**Recommendations**
Update installations running versions prior to 1.7.31 to version 1.7.31 or later to resolve the issue. As a temporary workaround, consider implementing proper input sanitization to prevent cross-site scripting attacks, and restrict access to user input fields to minimize the risk of exploitation until the issue is resolved.