91 matches found
StudioCMS 授权问题漏洞
StudioCMS is StudioCMS open source a content management system . StudioCMS suffers from an authorization issue vulnerability that stems from improper access control in the password reset token generation endpoint, which can be exploited by an attacker to cause an administrator to take over a...
StudioCMS 安全漏洞
StudioCMS is StudioCMS open source a content management system . A security vulnerability exists in StudioCMS that can be exploited by an attacker to cause an authenticated user to perform arbitrary file operations on S3 storage buckets...
StudioCMS 安全漏洞
StudioCMS is StudioCMS open source a content management system . A security vulnerability exists in StudioCMS that can be exploited by an attacker to cause any authenticated user to modify the notification preferences of other users...
StudioCMS 安全漏洞
StudioCMS is StudioCMS open source a content management system . StudioCMS has a security vulnerability that can be exploited by an attacker to cause an administrator to create additional administrator accounts via the REST API...
PT-2026-24822
Summary The REST API createUser endpoint uses string-based rank checks that only block creating owner accounts, while the Dashboard API uses indexOf-based rank comparison that prevents creating users at or above your own rank. This inconsistency allows an admin to create additional admin accounts...
PT-2026-24818
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...
Incorrect Authorization
Overview studiocms is an A Community-Driven Astro native CMS. Built from the ground up by the Astro community. Affected versions of this package are vulnerable to Incorrect Authorization through the api-tokens endpoint, which allows an authenticated user with editor privileges or higher to genera...
EUVD-2026-10555
StudioCMS has Privilege Escalation via Insecure API Token Generation...
@studiocms/migrator (>=0.2.0 <=0.2.1) potentially affected by CVE-2026-30944 via studiocms (>=0.2.0 <=0.3.0)
studiocms NPM version =0.2.0, =0.2.0, =0.2.1 Source cves: CVE-2026-30944 Source advisory: SNYK:JS-STUDIOCMS-15518582...
studiocms (>=0.1.0 <=0.1.0-beta.31) potentially affected by CVE-2026-30944 via @withstudiocms/auth-kit (>=0.1.0-beta.1 <=0.1.0)
@withstudiocms/auth-kit NPM version =0.1.0-beta.1, =0.1.0, =0.1.0-beta.31 Source cves: CVE-2026-30944 Source advisory: SNYK:JS-WITHSTUDIOCMSAUTHKIT-15518581...
EUVD-2026-10556
StudioCMS has Privilege Escalation via Insecure API Token Generation...
GHSA-667W-MMH7-MRR4 StudioCMS has Privilege Escalation via Insecure API Token Generation
Summary The /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to validate whether the requesting user is authorized to create tokens on behalf of the target us...
CVE-2026-30945 StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...
CVE-2026-30945 StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...
CVE-2026-30945
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...
CVE-2026-30945
CVE-2026-30945 : StudioCMS prior to 0.4.0 exposes an authorization flaw in DELETE /studiocms_api/dashboard/api-tokens. Any authenticated user with editor privileges or above can revoke API tokens for any user (including admin/owner) because tokenID and userID are taken directly from the request w...
CVE-2026-30944 StudioCMS Affected by Privilege Escalation via Insecure API Token Generation
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to...
CVE-2026-30944
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to...
CVE-2026-30944 StudioCMS Affected by Privilege Escalation via Insecure API Token Generation
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to...
PT-2026-24252
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocms api/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails t...