[HIGH] Grav has Unauthenticated Path Traversal & Arbitrary File Write in its FormFlash component

PKSA-ncnf-tf1t-zhtj CVE-2026-42608 GHSA-hmcx-ch82-3fv2

Affected package: getgrav/grav

Affected version: <2.0.0-beta.2

Reported by:
GitHub