
CVSS: 8.2 • EPSS: 0% • CPEs: 2 • EXPL: 1

01 Feb 2024 — Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain access to a user's password reset token and gain access to their account. The authorized user is required... • https://packetstorm.news/files/id/177133 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

21 Nov 2023 — Statamic CMS is a Laravel and Git powered content management system (CMS). Prior to versions 3.4.15 and 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the "Forms" feature containing an assets field, or within the control panel, which requires authentication. This issue has been patched in 3.4.15 and 4.36.0. • https://github.com/statamic/cms/releases/tag/v3.4.15 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.0 • EPSS: 1% • CPEs: 2 • EXPL: 0

14 Nov 2023 — Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. • https://github.com/statamic/cms/commit/4c6fe041e2203a8033e5949ce4a5d9d6c0ad2411 • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 10.0 • EPSS: 3% • CPEs: 2 • EXPL: 1

10 Nov 2023 — Statamic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0. • https://github.com/Cyber-Wo0dy/CVE-2023-47129 • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

05 Jul 2023 — Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitize` function. Version 4.10.0 contains a patch for this issue. • https://github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 4.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

25 Mar 2022 — Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response; however, the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive t... • https://github.com/statamic/cms/issues/5604 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-203: Observable Discrepancy

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

10 Feb 2022 — ** DISPUTED ** A Code Execution vulnerability exists in Statamic through version 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product. • https://github.com/Stakcery/Web-Security/issues/2

CVSS: 4.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

19 Dec 2018 — Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request. • https://github.com/security-breachlock/CVE-2018-19598/blob/master/Static%20cms.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

24 Jul 2017 — Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc. • https://gist.github.com/rambo691/3714c8c09cf894d574d37c294711c49e • CWE-732: Incorrect Permission Assignment for Critical Resource