Vulnerabilities > Statamic

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2024-24570 Cross-site Scripting vulnerability in Statamic
Statamic is a Laravel and Git powered CMS.
network
low complexity
statamic CWE-79
6.1
2023-11-21 CVE-2023-48701 Cross-site Scripting vulnerability in Statamic
Statamic CMS is a Laravel and Git powered content management system (CMS).
network
low complexity
statamic CWE-79
6.1
2023-11-14 CVE-2023-48217 Unrestricted Upload of File with Dangerous Type vulnerability in Statamic
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites.
network
low complexity
statamic CWE-434
8.8
2023-11-10 CVE-2023-47129 Unrestricted Upload of File with Dangerous Type vulnerability in Statamic
Statmic is a core Laravel content management system Composer package.
network
low complexity
statamic CWE-434
critical
9.8
2023-07-05 CVE-2023-36828 Cross-site Scripting vulnerability in Statamic
Statamic is a flat-first, Laravel and Git powered content management system.
network
low complexity
statamic CWE-79
5.4
2022-03-25 CVE-2022-24784 Information Exposure Through Discrepancy vulnerability in Statamic
Statamic is a Laravel and Git powered CMS.
network
high complexity
statamic CWE-203
3.7
2022-02-10 CVE-2021-45364 Unspecified vulnerability in Statamic
A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php.
network
low complexity
statamic
critical
9.8
2018-12-19 CVE-2018-19598 Cross-site Scripting vulnerability in Statamic 2.10.3
Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request.
network
statamic CWE-79
3.5
2017-07-24 CVE-2017-11422 Incorrect Permission Assignment for Critical Resource vulnerability in Statamic
Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called.
network
low complexity
statamic CWE-732
6.5