Lucene search

CVE-2024-36119

🗓️ 30 May 2024 21:09:15Reported by GitHub_MType

Password confirmation stored in plain text for users registering via `user:register_form` tag in Statamic versions 5.3.0 to 5.6.1

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
OSV	GHSA-QVPJ-W7XJ-R6W9 Password confirmation stored in plain text via registration form in statamic/cms	2 Jun 202422:30	–	osv
OSV	CVE-2024-36119	30 May 202421:15	–	osv
Vulnrichment	CVE-2024-36119 Password confirmation stored in plain text via registration form in statamic/cms	30 May 202420:57	–	vulnrichment
NVD	CVE-2024-36119	30 May 202421:15	–	nvd
Veracode	Cleartext Password Storage	5 Jun 202406:44	–	veracode
Github Security Blog	Password confirmation stored in plain text via registration form in statamic/cms	2 Jun 202422:30	–	github
Cvelist	CVE-2024-36119 Password confirmation stored in plain text via registration form in statamic/cms	30 May 202420:57	–	cvelist

Vulners

Node

statamic cmsRange5.3.0–5.6.2

[
  {
    "vendor": "statamic",
    "product": "cms",
    "versions": [
      {
        "version": ">= 5.3.0, < 5.6.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
dev	www.dev.to/balogh08/cleaning-your-git-history-safely-removing-sensitive-data-10i5
github	www.github.com/statamic/cms/security/advisories/GHSA-qvpj-w7xj-r6w9
github	www.github.com/statamic/cms/commit/0b804306c96c99b81755d5bd02df87ddf392853e
docs	www.docs.github.com/en/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 May 2024 21:15Current

3.4Low risk

Vulners AI Score3.4

CVSS31.8

EPSS0.00021

SSVC

CWE-312