Search criteria
18 vulnerabilities found for statamic by statamic
CVE-2024-24570 (GCVE-0-2024-24570)
Vulnerability from nvd – Published: 2024-02-01 16:42 – Updated: 2025-06-17 21:29
VLAI?
Title
Statamic account takeover via XSS and password reset link
Summary
Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain access to a user's password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled.
Severity ?
8.2 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:19:52.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/17"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/177133/Statamic-CMS-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24570",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T16:19:41.715803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:22.712Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.4.17"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.46.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the \"copy password reset link\" feature may be exploited to gain access to a user\u0027s password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T17:06:14.982Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Feb/17"
},
{
"url": "http://packetstormsecurity.com/files/177133/Statamic-CMS-Cross-Site-Scripting.html"
}
],
"source": {
"advisory": "GHSA-vqxq-hvxw-9mv9",
"discovery": "UNKNOWN"
},
"title": "Statamic account takeover via XSS and password reset link"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-24570",
"datePublished": "2024-02-01T16:42:57.717Z",
"dateReserved": "2024-01-25T15:09:40.210Z",
"dateUpdated": "2025-06-17T21:29:22.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48701 (GCVE-0-2023-48701)
Vulnerability from nvd – Published: 2023-11-21 22:34 – Updated: 2024-08-02 21:37
VLAI?
Title
Statamic CMS vulnerable to Cross-site Scripting via uploaded assets
Summary
Statamic CMS is a Laravel and Git powered content management system (CMS). Prior to versions 3.4.15 an 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the "Forms" feature containing an assets field, or within the control panel which requires authentication. This issue has been patched on 3.4.15 and 4.36.0.
Severity ?
7.5 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:53.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v3.4.15",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/releases/tag/v3.4.15"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.36.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.36.0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.4.15 "
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.36.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic CMS is a Laravel and Git powered content management system (CMS). Prior to versions 3.4.15 an 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the \"Forms\" feature containing an assets field, or within the control panel which requires authentication. This issue has been patched on 3.4.15 and 4.36.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-21T22:34:11.043Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v3.4.15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/releases/tag/v3.4.15"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.36.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.36.0"
}
],
"source": {
"advisory": "GHSA-8jjh-j3c2-cjcv",
"discovery": "UNKNOWN"
},
"title": "Statamic CMS vulnerable to Cross-site Scripting via uploaded assets"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48701",
"datePublished": "2023-11-21T22:34:11.043Z",
"dateReserved": "2023-11-17T19:43:37.554Z",
"dateUpdated": "2024-08-02T21:37:53.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48217 (GCVE-0-2023-48217)
Vulnerability from nvd – Published: 2023-11-14 21:38 – Updated: 2024-08-30 14:03
VLAI?
Title
Remote code execution via form uploads in statamic/cms
Summary
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity ?
8.8 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86"
},
{
"name": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:statamic:cms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cms",
"vendor": "statamic",
"versions": [
{
"lessThan": "4.34.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.4.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48217",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:01:51.639729Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:03:24.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.34.0"
},
{
"status": "affected",
"version": "\u003c 3.4.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the \"Forms\" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T21:38:37.590Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86"
},
{
"name": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411"
}
],
"source": {
"advisory": "GHSA-2r53-9295-3m86",
"discovery": "UNKNOWN"
},
"title": "Remote code execution via form uploads in statamic/cms"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48217",
"datePublished": "2023-11-14T21:38:37.590Z",
"dateReserved": "2023-11-13T13:25:18.479Z",
"dateUpdated": "2024-08-30T14:03:24.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47129 (GCVE-0-2023-47129)
Vulnerability from nvd – Published: 2023-11-10 18:48 – Updated: 2024-09-03 17:24
VLAI?
Title
Statamic CMS remote code execution via front-end form uploads
Summary
Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.
Severity ?
8.4 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:01:22.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc"
},
{
"name": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75"
},
{
"name": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:statamic:cms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cms",
"vendor": "statamic",
"versions": [
{
"lessThan": "3.4.13",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "4.33.0",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T17:21:20.779648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T17:24:55.886Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.4.13"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.33.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the \"Forms\" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T18:48:03.265Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc"
},
{
"name": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75"
},
{
"name": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77"
}
],
"source": {
"advisory": "GHSA-72hg-5wr5-rmfc",
"discovery": "UNKNOWN"
},
"title": "Statamic CMS remote code execution via front-end form uploads"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-47129",
"datePublished": "2023-11-10T18:48:03.265Z",
"dateReserved": "2023-10-30T19:57:51.677Z",
"dateUpdated": "2024-09-03T17:24:55.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36828 (GCVE-0-2023-36828)
Vulnerability from nvd – Published: 2023-07-05 21:30 – Updated: 2024-10-24 18:06
VLAI?
Title
Statamic's Antlers sanitizer cannot effectively sanitize malicious SVG
Summary
Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitize` function. Version 4.10.0 contains a patch for this issue.
Severity ?
5.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g"
},
{
"name": "https://github.com/statamic/cms/pull/8408",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/pull/8408"
},
{
"name": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.10.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.10.0"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:statamic:cms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cms",
"vendor": "statamic",
"versions": [
{
"lessThan": "4.10.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36828",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T17:58:24.228772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T18:06:44.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 4.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitize` function. Version 4.10.0 contains a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-05T21:30:06.196Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g"
},
{
"name": "https://github.com/statamic/cms/pull/8408",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/pull/8408"
},
{
"name": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.10.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.10.0"
}
],
"source": {
"advisory": "GHSA-6r5g-cq4q-327g",
"discovery": "UNKNOWN"
},
"title": "Statamic\u0027s Antlers sanitizer cannot effectively sanitize malicious SVG"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36828",
"datePublished": "2023-07-05T21:30:06.196Z",
"dateReserved": "2023-06-27T15:43:18.388Z",
"dateUpdated": "2024-10-24T18:06:44.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24784 (GCVE-0-2022-24784)
Vulnerability from nvd – Published: 2022-03-25 21:40 – Updated: 2025-04-23 18:43
VLAI?
Title
Discoverability of user password hash in Statamic CMS
Summary
Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:50.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/issues/5604"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/pull/5568"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:08:26.982529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:43:26.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.2.39"
},
{
"status": "affected",
"version": "\u003c 3.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user\u0027s password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T21:40:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/issues/5604"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/pull/5568"
}
],
"source": {
"advisory": "GHSA-qcgx-7p5f-hxvr",
"discovery": "UNKNOWN"
},
"title": "Discoverability of user password hash in Statamic CMS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24784",
"STATE": "PUBLIC",
"TITLE": "Discoverability of user password hash in Statamic CMS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cms",
"version": {
"version_data": [
{
"version_value": "\u003c 3.2.39"
},
{
"version_value": "\u003c 3.3.2"
}
]
}
}
]
},
"vendor_name": "statamic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user\u0027s password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr",
"refsource": "CONFIRM",
"url": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr"
},
{
"name": "https://github.com/statamic/cms/issues/5604",
"refsource": "MISC",
"url": "https://github.com/statamic/cms/issues/5604"
},
{
"name": "https://github.com/statamic/cms/pull/5568",
"refsource": "MISC",
"url": "https://github.com/statamic/cms/pull/5568"
}
]
},
"source": {
"advisory": "GHSA-qcgx-7p5f-hxvr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24784",
"datePublished": "2022-03-25T21:40:11.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:43:26.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45364 (GCVE-0-2021-45364)
Vulnerability from nvd – Published: 2022-02-10 18:38 – Updated: 2024-08-04 04:39 Disputed
VLAI?
Summary
A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-45364",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T18:54:09.737112Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T18:54:18.820Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:20.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Stakcery/Web-Security/issues/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-18T16:13:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Stakcery/Web-Security/issues/2"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Stakcery/Web-Security/issues/2",
"refsource": "MISC",
"url": "https://github.com/Stakcery/Web-Security/issues/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45364",
"datePublished": "2022-02-10T18:38:12",
"dateReserved": "2021-12-20T00:00:00",
"dateUpdated": "2024-08-04T04:39:20.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19598 (GCVE-0-2018-19598)
Vulnerability from nvd – Published: 2018-12-19 19:00 – Updated: 2024-08-05 11:37
VLAI?
Summary
Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:37:11.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an \u0027Add new user\u0027 request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-20T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an \u0027Add new user\u0027 request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf",
"refsource": "MISC",
"url": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19598",
"datePublished": "2018-12-19T19:00:00",
"dateReserved": "2018-11-27T00:00:00",
"dateUpdated": "2024-08-05T11:37:11.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11422 (GCVE-0-2017-11422)
Vulnerability from nvd – Published: 2017-07-24 12:00 – Updated: 2024-08-05 18:12
VLAI?
Summary
Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:39.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Statamic framework before 2.6.0 does not correctly check a session\u0027s permissions when the methods from a user\u0027s class are called. Problematic methods include reset password, create new account, create new role, etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-24T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Statamic framework before 2.6.0 does not correctly check a session\u0027s permissions when the methods from a user\u0027s class are called. Problematic methods include reset password, create new account, create new role, etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e",
"refsource": "MISC",
"url": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11422",
"datePublished": "2017-07-24T12:00:00",
"dateReserved": "2017-07-18T00:00:00",
"dateUpdated": "2024-08-05T18:12:39.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-24570 (GCVE-0-2024-24570)
Vulnerability from cvelistv5 – Published: 2024-02-01 16:42 – Updated: 2025-06-17 21:29
VLAI?
Title
Statamic account takeover via XSS and password reset link
Summary
Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain access to a user's password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled.
Severity ?
8.2 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:19:52.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/17"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/177133/Statamic-CMS-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24570",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T16:19:41.715803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:22.712Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.4.17"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.46.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the \"copy password reset link\" feature may be exploited to gain access to a user\u0027s password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T17:06:14.982Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Feb/17"
},
{
"url": "http://packetstormsecurity.com/files/177133/Statamic-CMS-Cross-Site-Scripting.html"
}
],
"source": {
"advisory": "GHSA-vqxq-hvxw-9mv9",
"discovery": "UNKNOWN"
},
"title": "Statamic account takeover via XSS and password reset link"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-24570",
"datePublished": "2024-02-01T16:42:57.717Z",
"dateReserved": "2024-01-25T15:09:40.210Z",
"dateUpdated": "2025-06-17T21:29:22.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48701 (GCVE-0-2023-48701)
Vulnerability from cvelistv5 – Published: 2023-11-21 22:34 – Updated: 2024-08-02 21:37
VLAI?
Title
Statamic CMS vulnerable to Cross-site Scripting via uploaded assets
Summary
Statamic CMS is a Laravel and Git powered content management system (CMS). Prior to versions 3.4.15 an 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the "Forms" feature containing an assets field, or within the control panel which requires authentication. This issue has been patched on 3.4.15 and 4.36.0.
Severity ?
7.5 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:53.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v3.4.15",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/releases/tag/v3.4.15"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.36.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.36.0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.4.15 "
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.36.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic CMS is a Laravel and Git powered content management system (CMS). Prior to versions 3.4.15 an 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the \"Forms\" feature containing an assets field, or within the control panel which requires authentication. This issue has been patched on 3.4.15 and 4.36.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-21T22:34:11.043Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v3.4.15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/releases/tag/v3.4.15"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.36.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.36.0"
}
],
"source": {
"advisory": "GHSA-8jjh-j3c2-cjcv",
"discovery": "UNKNOWN"
},
"title": "Statamic CMS vulnerable to Cross-site Scripting via uploaded assets"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48701",
"datePublished": "2023-11-21T22:34:11.043Z",
"dateReserved": "2023-11-17T19:43:37.554Z",
"dateUpdated": "2024-08-02T21:37:53.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48217 (GCVE-0-2023-48217)
Vulnerability from cvelistv5 – Published: 2023-11-14 21:38 – Updated: 2024-08-30 14:03
VLAI?
Title
Remote code execution via form uploads in statamic/cms
Summary
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity ?
8.8 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86"
},
{
"name": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:statamic:cms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cms",
"vendor": "statamic",
"versions": [
{
"lessThan": "4.34.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.4.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48217",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:01:51.639729Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:03:24.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.34.0"
},
{
"status": "affected",
"version": "\u003c 3.4.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the \"Forms\" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T21:38:37.590Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-2r53-9295-3m86"
},
{
"name": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411"
}
],
"source": {
"advisory": "GHSA-2r53-9295-3m86",
"discovery": "UNKNOWN"
},
"title": "Remote code execution via form uploads in statamic/cms"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48217",
"datePublished": "2023-11-14T21:38:37.590Z",
"dateReserved": "2023-11-13T13:25:18.479Z",
"dateUpdated": "2024-08-30T14:03:24.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47129 (GCVE-0-2023-47129)
Vulnerability from cvelistv5 – Published: 2023-11-10 18:48 – Updated: 2024-09-03 17:24
VLAI?
Title
Statamic CMS remote code execution via front-end form uploads
Summary
Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.
Severity ?
8.4 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:01:22.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc"
},
{
"name": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75"
},
{
"name": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:statamic:cms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cms",
"vendor": "statamic",
"versions": [
{
"lessThan": "3.4.13",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "4.33.0",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T17:21:20.779648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T17:24:55.886Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.4.13"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.33.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the \"Forms\" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T18:48:03.265Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc"
},
{
"name": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75"
},
{
"name": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77"
}
],
"source": {
"advisory": "GHSA-72hg-5wr5-rmfc",
"discovery": "UNKNOWN"
},
"title": "Statamic CMS remote code execution via front-end form uploads"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-47129",
"datePublished": "2023-11-10T18:48:03.265Z",
"dateReserved": "2023-10-30T19:57:51.677Z",
"dateUpdated": "2024-09-03T17:24:55.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36828 (GCVE-0-2023-36828)
Vulnerability from cvelistv5 – Published: 2023-07-05 21:30 – Updated: 2024-10-24 18:06
VLAI?
Title
Statamic's Antlers sanitizer cannot effectively sanitize malicious SVG
Summary
Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitize` function. Version 4.10.0 contains a patch for this issue.
Severity ?
5.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g"
},
{
"name": "https://github.com/statamic/cms/pull/8408",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/pull/8408"
},
{
"name": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.10.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.10.0"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:statamic:cms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cms",
"vendor": "statamic",
"versions": [
{
"lessThan": "4.10.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36828",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T17:58:24.228772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T18:06:44.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 4.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitize` function. Version 4.10.0 contains a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-05T21:30:06.196Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g"
},
{
"name": "https://github.com/statamic/cms/pull/8408",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/pull/8408"
},
{
"name": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15"
},
{
"name": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40"
},
{
"name": "https://github.com/statamic/cms/releases/tag/v4.10.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/releases/tag/v4.10.0"
}
],
"source": {
"advisory": "GHSA-6r5g-cq4q-327g",
"discovery": "UNKNOWN"
},
"title": "Statamic\u0027s Antlers sanitizer cannot effectively sanitize malicious SVG"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36828",
"datePublished": "2023-07-05T21:30:06.196Z",
"dateReserved": "2023-06-27T15:43:18.388Z",
"dateUpdated": "2024-10-24T18:06:44.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24784 (GCVE-0-2022-24784)
Vulnerability from cvelistv5 – Published: 2022-03-25 21:40 – Updated: 2025-04-23 18:43
VLAI?
Title
Discoverability of user password hash in Statamic CMS
Summary
Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:50.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/issues/5604"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/statamic/cms/pull/5568"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:08:26.982529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:43:26.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "statamic",
"versions": [
{
"status": "affected",
"version": "\u003c 3.2.39"
},
{
"status": "affected",
"version": "\u003c 3.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user\u0027s password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T21:40:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/issues/5604"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/statamic/cms/pull/5568"
}
],
"source": {
"advisory": "GHSA-qcgx-7p5f-hxvr",
"discovery": "UNKNOWN"
},
"title": "Discoverability of user password hash in Statamic CMS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24784",
"STATE": "PUBLIC",
"TITLE": "Discoverability of user password hash in Statamic CMS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cms",
"version": {
"version_data": [
{
"version_value": "\u003c 3.2.39"
},
{
"version_value": "\u003c 3.3.2"
}
]
}
}
]
},
"vendor_name": "statamic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user\u0027s password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr",
"refsource": "CONFIRM",
"url": "https://github.com/statamic/cms/security/advisories/GHSA-qcgx-7p5f-hxvr"
},
{
"name": "https://github.com/statamic/cms/issues/5604",
"refsource": "MISC",
"url": "https://github.com/statamic/cms/issues/5604"
},
{
"name": "https://github.com/statamic/cms/pull/5568",
"refsource": "MISC",
"url": "https://github.com/statamic/cms/pull/5568"
}
]
},
"source": {
"advisory": "GHSA-qcgx-7p5f-hxvr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24784",
"datePublished": "2022-03-25T21:40:11.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:43:26.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45364 (GCVE-0-2021-45364)
Vulnerability from cvelistv5 – Published: 2022-02-10 18:38 – Updated: 2024-08-04 04:39 Disputed
VLAI?
Summary
A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-45364",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T18:54:09.737112Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T18:54:18.820Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:20.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Stakcery/Web-Security/issues/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-18T16:13:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Stakcery/Web-Security/issues/2"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Stakcery/Web-Security/issues/2",
"refsource": "MISC",
"url": "https://github.com/Stakcery/Web-Security/issues/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45364",
"datePublished": "2022-02-10T18:38:12",
"dateReserved": "2021-12-20T00:00:00",
"dateUpdated": "2024-08-04T04:39:20.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19598 (GCVE-0-2018-19598)
Vulnerability from cvelistv5 – Published: 2018-12-19 19:00 – Updated: 2024-08-05 11:37
VLAI?
Summary
Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:37:11.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an \u0027Add new user\u0027 request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-20T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an \u0027Add new user\u0027 request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf",
"refsource": "MISC",
"url": "https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19598",
"datePublished": "2018-12-19T19:00:00",
"dateReserved": "2018-11-27T00:00:00",
"dateUpdated": "2024-08-05T11:37:11.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11422 (GCVE-0-2017-11422)
Vulnerability from cvelistv5 – Published: 2017-07-24 12:00 – Updated: 2024-08-05 18:12
VLAI?
Summary
Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:39.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Statamic framework before 2.6.0 does not correctly check a session\u0027s permissions when the methods from a user\u0027s class are called. Problematic methods include reset password, create new account, create new role, etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-24T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Statamic framework before 2.6.0 does not correctly check a session\u0027s permissions when the methods from a user\u0027s class are called. Problematic methods include reset password, create new account, create new role, etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e",
"refsource": "MISC",
"url": "https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11422",
"datePublished": "2017-07-24T12:00:00",
"dateReserved": "2017-07-18T00:00:00",
"dateUpdated": "2024-08-05T18:12:39.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}