18 matches found
CVE-2026-33884
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, an authenticated Control Panel user with access to live preview could use a live preview token to access restricted content that the token was not intended for. This has been fixed in 5.73.16...
Statamic's live preview token bypasses content protection for unrelated entries
Impact An authenticated Control Panel user with access to live preview could use a live preview token to access restricted content that the token was not intended for. Patches This has been fixed in 5.73.16 and 6.7.2...
CVE-2026-29113
Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...
PT-2026-28551
Name of the Vulnerable Software and Affected Versions Statamic versions prior to 5.73.16 Statamic versions prior to 6.7.2 Description An authenticated Control Panel user with access to live preview could use a live preview token to access restricted content that the token was not intended for. Th...
Incorrect Authorization
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Incorrect Authorization in the actionImpersonateWithToken process. An attacker can gain unauthorized administrative access by leveraging a valid preview token and manipulating the action quer...
GHSA-CC7P-2J3X-X7XF Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken()
Summary A low-privilege user or an unauthenticated user who has been sent a shared URL can escalate their privileges to admin by abusing UsersController-actionImpersonateWithToken. Affected users should update to Craft 4.17.6 and 5.9.12 to mitigate the issue. Details This vulnerability allows any...
Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken()
Summary A low-privilege user or an unauthenticated user who has been sent a shared URL can escalate their privileges to admin by abusing UsersController-actionImpersonateWithToken. Affected users should update to Craft 4.17.6 and 5.9.12 to mitigate the issue. Details This vulnerability allows any...
CVE-2026-29113
Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...
CVE-2026-29113
Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...
CVE-2026-29113 Craft has a potential information disclosure vulnerability in preview tokens
Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...
CVE-2026-29113
Craft CMS prior to versions 4.17.4 and 5.9.7 suffers a CSRF flaw in the preview token endpoint (/actions/preview/create-token). The endpoint accepts an attacker-supplied previewToken without requiring a CSRF token, allowing a logged-in editor to mint a preview token chosen by an attacker. The att...
CVE-2026-29113 Craft has a potential information disclosure vulnerability in preview tokens
Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...
CVE-2026-29113 Craft has a potential information disclosure vulnerability in preview tokens
Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...
GHSA-VG3J-HPM9-8V5V Craft CMS has a potential information disclosure vulnerability in preview tokens
Summary Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an attacker can force a logged-in victim editor to mint a preview...
Craft CMS has a potential information disclosure vulnerability in preview tokens
Summary Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an attacker can force a logged-in victim editor to mint a preview...
Craft CMS 跨站请求伪造漏洞
Craft CMS is an open-source content management system developed by Craft CMS. Versions prior to 4.17.4 and 5.9.7 of Craft CMS had a cross-site request forgery vulnerability. This vulnerability stemmed from the lack of CSRF token verification at the preview token endpoint, which could allow...
PT-2026-24638
Summary Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an attacker can force a logged-in victim editor to mint a preview...
PT-2026-24403
Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...