2 matches found
Statamic 安全漏洞
Statamic is a powerful flat-file CMS built using Laravel by Statamic Inc. It allows all content, templates, assets, and settings to be stored in files rather than in a database. Versions of Statamic 5.73.14 and earlier, as well as 6.7.0, contained security vulnerabilities. These vulnerabilities...
GHSA-WH3H-GVC4-CC2G Statamic is missing authorization check on taxonomy term creation via fieldtype
Impact Low-privileged Control Panel users could create taxonomy terms by submitting requests to the field action processing endpoint with attacker-controlled field definitions. This bypasses the authorization checks enforced on the standard taxonomy term creation endpoint. Patches This has been...