<aside> 💡
Vulnerability Version : 1.7.46 <= Grav <= 1.7.48
</aside>
It is impossible to save when using common script tags
However, script execution is possible when using onerror attribute of an img element.
It doesn't even come up with a warning
It can lead to additional attacks such as CSRF.
Filter or restrict entries with certain types of characters used in HTML/JavaScript in the different user input fields.