[MEDIUM] Grav Admin Plugin is vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/accounts/groups/[group]` parameter `data[readableName]`

PKSA-w4p2-x7q2-ymxv CVE-2025-66312 GHSA-rmw5-f87r-w988

Affected package: getgrav/grav

Affected version: <1.8.0-beta.27

Reported by:
GitHub