Vulnerabilities > Statamic
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-01 | CVE-2024-24570 | Cross-site Scripting vulnerability in Statamic Statamic is a Laravel and Git powered CMS. | 6.1 |
| 2023-11-21 | CVE-2023-48701 | Cross-site Scripting vulnerability in Statamic Statamic CMS is a Laravel and Git powered content management system (CMS). | 6.1 |
| 2023-11-14 | CVE-2023-48217 | Unrestricted Upload of File with Dangerous Type vulnerability in Statamic Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. | 8.8 |
| 2023-11-10 | CVE-2023-47129 | Unrestricted Upload of File with Dangerous Type vulnerability in Statamic Statmic is a core Laravel content management system Composer package. | 9.8 |
| 2023-07-05 | CVE-2023-36828 | Cross-site Scripting vulnerability in Statamic Statamic is a flat-first, Laravel and Git powered content management system. | 5.4 |
| 2022-03-25 | CVE-2022-24784 | Information Exposure Through Discrepancy vulnerability in Statamic Statamic is a Laravel and Git powered CMS. | 3.7 |
| 2022-02-10 | CVE-2021-45364 | Unspecified vulnerability in Statamic A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. | 9.8 |
| 2018-12-19 | CVE-2018-19598 | Cross-site Scripting vulnerability in Statamic 2.10.3 Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request. | 4.8 |
| 2017-07-24 | CVE-2017-11422 | Incorrect Permission Assignment for Critical Resource vulnerability in Statamic Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. | 8.8 |