2099 matches found
CVE-2026-32612
Statamic is a Laravel and Git powered content management system CMS. Prior to 6.6.2, stored XSS in the control panel color mode preference allows authenticated users with control panel access to inject malicious JavaScript that executes when a higher-privileged user impersonates their account. Th...
CVE-2026-33162
Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...
CVE-2026-32261
Webhooks for Craft CMS plugin adds the ability to manage “webhooks” in Craft CMS, which will send GET or POST requests when certain events occur. From version 3.0.0 to before version 3.2.0, the Webhooks plugin renders user-supplied template content through Twig’s renderString function without...
CVE-2026-31857
Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...
PT-2026-28551
Name of the Vulnerable Software and Affected Versions Statamic versions prior to 5.73.16 Statamic versions prior to 6.7.2 Description An authenticated Control Panel user with access to live preview could use a live preview token to access restricted content that the token was not intended for. Th...
PT-2026-28554
Name of the Vulnerable Software and Affected Versions Statamic versions prior to 5.73.16 Statamic versions prior to 6.7.2 Description Statamic is a Laravel and Git powered content management system CMS. Authenticated Control Panel users could view entry revisions for any collection with revisions...
CVE-2026-33162
Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...
CVE-2026-33157
Craft CMS is a content management system CMS. From version 5.6.0 to before version 5.9.13, a Remote Code Execution RCE vulnerability exists in Craft CMS, it can be exploited by any authenticated user with control panel access. This is a bypass of a previous fix. The existing patches add...
CVE-2026-33162
Craft CMS vulnerability CVE-2026-33162 affects versions 5.3.0 through before 5.9.14. An authenticated control panel user with only accessCp can move entries across sections by POSTing to /actions/entries/move-to-section, even without saveEntries:{sectionUid} permission for source or destination. ...
EUVD-2026-14944
Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...
CVE-2026-33162
Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...
CVE-2026-33162 Craft CMS: Authorization bypass in "entries/move-to-section" allows control panel user to move entries without section permissions
Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...
CVE-2026-33162 Craft CMS: Authorization bypass in "entries/move-to-section" allows control panel user to move entries without section permissions
Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...
Craft CMS has an authorization bypass which allows any control panel user to move entries without permissions
Summary An authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either source or destination section. Details Root-cause analysis 1. actionMoveToSection...
GHSA-F582-6GF6-GX4G Craft CMS has an authorization bypass which allows any control panel user to move entries without permissions
Summary An authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either source or destination section. Details Root-cause analysis 1. actionMoveToSection...
CVE-2026-33157
Craft CMS 5.x (5.6.0–5.9.12) is vulnerable to authenticated Remote Code Execution via malicious attached behavior, due to un sanitized fieldLayouts in ElementIndexesController::actionFilterHud() feeding FieldLayout::createFromConfig(). The bug chain bypasses a prior fix that cleansed inputs with ...
Craft CMS is Vulnerable to Authenticated Remote Code Execution via Malicious Attached Behavior
Summary A Remote Code Execution RCE vulnerability exists in Craft CMS 5.x and 4.x that bypasses the security fixes for GHSA-7jx7-3846-m7w7 and GHSA-255j-qw47-wjh5. This vulnerability can be exploited by any authenticated user with control panel access. The existing patches add cleanseConfig to...
PT-2026-27467
Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...
CVE-2026-33171
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.14 and 6.7.0, authenticated Control Panel users could read arbitrary .json, .yaml, and .csv files from the server by manipulating the file dictionary's filename configuration parameter in the fieldtype's...
CVE-2026-33171 Statamic has a path traversal in file dictionary fieldtype
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.14 and 6.7.0, authenticated Control Panel users could read arbitrary .json, .yaml, and .csv files from the server by manipulating the file dictionary's filename configuration parameter in the fieldtype's...