[MEDIUM] Grav CMS vulnerable to stored XSS via Markdown media attribute() action

PKSA-yx72-zyj1-gtxy CVE-2026-42841 GHSA-r7fx-8g49-7hhr

Affected package: getgrav/grav

Affected version: <2.0.0-beta.2

Reported by:
GitHub