📦 Statamic

by Statamic

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2026-27593

CRITICAL CVSS 9.3 Feb 24, 2026

This vulnerability in Statamic CMS allows attackers to hijack password reset tokens and take over user accounts. Attackers need a valid email address and must trick users into clicking malicious rese...

CVE-2021-45364

CRITICAL CVSS 9.8 Feb 10, 2022

This CVE describes a code execution vulnerability in Statamic CMS versions through 3.2.26 via SettingsController.php. However, the vendor indicates this CVE was published in error and the affected cod...

CVE-2026-25759

HIGH CVSS 8.7 Feb 11, 2026

A stored cross-site scripting (XSS) vulnerability in Statamic CMS allows authenticated users with content creation permissions to inject malicious JavaScript into content titles. When higher-privileg...

CVE-2023-48701

HIGH CVSS 7.5 Nov 21, 2023

This vulnerability allows attackers to upload HTML files disguised as images in Statamic CMS, bypassing MIME type validation. This affects front-end forms with asset fields and authenticated control p...

CVE-2023-48217

HIGH CVSS 8.8 Nov 14, 2023

This vulnerability allows attackers to upload malicious PHP files disguised as images through Statamic's front-end forms and control panel asset uploads, bypassing MIME type validation. Successful exp...

CVE-2023-47129

HIGH CVSS 8.3 Nov 10, 2023

This vulnerability allows attackers to upload malicious PHP files disguised as images through front-end forms in Statamic CMS. It affects websites using Statamic's Forms feature with asset upload fiel...