2 matches found
CVE-2026-33887
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, authenticated Control Panel users could view entry revisions for any collection with revisions enabled, regardless of whether they had the required collection permissions. This bypasses the...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the revision controllers. An attacker can access entry revisions and view sensitive field values and blueprint data by bypassing authorization checks with authenticated Control Panel access. Users may also creat...