6 matches found
CVE-2026-25759
Statmatic is a Laravel and Git powered content management system CMS. From 6.0.0 to before 6.2.3, a stored XSS vulnerability in content titles allows authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. Maliciou...
CVE-2026-25759 Statmatic affected by privilege escalation via stored cross-site scripting
Statmatic is a Laravel and Git powered content management system CMS. From 6.0.0 to before 6.2.3, a stored XSS vulnerability in content titles allows authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. Maliciou...
PT-2026-7714
Name of the Vulnerable Software and Affected Versions Statamic versions 6.0.0 through 6.2.2 Description Statamic is a Laravel and Git powered content management system CMS. A stored cross-site scripting XSS issue exists in content titles, allowing authenticated users with content creation...
CVE-2025-64112
Statmatic is a Laravel and Git powered content management system CMS. Stored XSS vulnerabilities in Collections and Taxonomies allow authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This vulnerability is fix...
EUVD-2025-37033
Statmatic is a Laravel and Git powered content management system CMS. Stored XSS vulnerabilities in Collections and Taxonomies allow authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This vulnerability is fix...
CVE-2025-64112
CVE-2025-64112 refers to a stored XSS vulnerability in Statamic CMS (Laravel + Git) involving Collections and Taxonomies. The issue allows an authenticated user with content-creation permissions to inject malicious JavaScript that executes for higher-privileged users, potentially enabling credent...