10 matches found
CVE-2026-27196
Statmatic is a Laravel and Git powered content management system CMS. Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a Stored XSS vulnerability in html fieldtypes which allows authenticated users with field management permissions to inject malicious JavaScript that...
CVE-2026-27196
Statmatic is a Laravel and Git powered content management system CMS. Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a Stored XSS vulnerability in html fieldtypes which allows authenticated users with field management permissions to inject malicious JavaScript that...
CVE-2026-27196 Statamic affected by privilege escalation via stored Cross-site Scripting
Statmatic is a Laravel and Git powered content management system CMS. Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a Stored XSS vulnerability in html fieldtypes which allows authenticated users with field management permissions to inject malicious JavaScript that...
CVE-2026-27196 Statamic affected by privilege escalation via stored Cross-site Scripting
Statmatic is a Laravel and Git powered content management system CMS. Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a Stored XSS vulnerability in html fieldtypes which allows authenticated users with field management permissions to inject malicious JavaScript that...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the configFieldItems function. An attacker can execute arbitrary JavaScript in the context of higher-privileged users by injecting malicious scripts as an authenticated user with field management permissions...
GHSA-8R7R-F4GM-WCPQ Statamic affected by privilege escalation via stored cross-site scripting
Impact Stored XSS vulnerability in html fieldtypes allow authenticated users with field management permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. Patches This has been fixed in 6.3.2 and 5.73.9...
PT-2026-20984
Name of the Vulnerable Software and Affected Versions Statamic versions 5.73.8 and below, and 6.0.0-alpha.1 through 6.3.1 Description Statamic, a Laravel and Git powered content management system CMS, is affected by a Stored Cross-Site Scripting XSS issue in the html fieldtypes. This flaw allows...
[SECURITY] Fedora 35 Update: phpMyAdmin-5.1.3-1.fc35
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and i...
MantisBT cross-site scripting vulnerability (CNVD-2016-03974)
MantisBT is a Web-based open source defect tracking system of the MantisBT team . The system provides project management and defect tracking services in the form of Web operations. MantisBT has a cross-site scripting vulnerability in the custom field management. Allow attackers to exploit the...
DLA-512-1 mantis - security update
Bulletin has no description...