Filtered by vendor Statamic
Subscriptions
Filtered by product Cms
Subscriptions
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25633 | 1 Statamic | 2 Cms, Statamic | 2026-02-18 | 4.3 Medium |
| Statamic is a, Laravel + Git powered CMS designed for building websites. Prior to 5.73.6 and 6.2.5, users without permission to view assets are able are able to download them and view their metadata. Logged-out users and users without permission to access the control panel are unable to take advantage of this. This has been fixed in 5.73.6 and 6.2.5. | ||||
| CVE-2023-36828 | 1 Statamic | 2 Cms, Statamic | 2024-11-21 | 5.5 Medium |
| Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitize` function. Version 4.10.0 contains a patch for this issue. | ||||