CVE-2021-3818

Name of the Vulnerable Software and Affected Versions: grav (affected versions not specified)

Description: The issue concerns a reliance on cookies without proper validation and integrity checking. This can lead to a situation where a cookie with an overly broad path can be accessed through other applications on the same domain. As cookies often carry sensitive information, such as session identifiers, sharing them across applications can cause a vulnerability in one application to compromise another.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.