A vulnerability was found in getgrav grav and grav-plugin-form and classified as problematic . Impacted is an unknown function. The manipulation results in cross site scripting. This vulnerability is known as CVE-2026-42842 . It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.