Lucene search
K

6 matches found

NVD
NVD
added 2026/02/27 11:16 p.m.13 views

CVE-2026-28426

Statmatic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious JavaScript that executes when viewed by higher-privileg...

8.7CVSS0.00259EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/27 10:20 p.m.3 views

CVE-2026-28425 Statamic vulnerable to remote code execution via Antlers-enabled control panel inputs

Statmatic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, an authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application context. That can lead to full compromise of the...

8CVSS6.5AI score0.00428EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/27 10:20 p.m.22 views

CVE-2026-28425 Statamic vulnerable to remote code execution via Antlers-enabled control panel inputs

Statmatic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, an authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application context. That can lead to full compromise of the...

8CVSS0.00428EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/27 10:14 p.m.6 views

CVE-2026-28424

Statmatic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.11 and 6.4.0, user email addresses were included in responses from the user fieldtype’s data endpoint for control panel users who did not have the "view users" permission. This has been fixed in 5.73.11 a...

6.5CVSS5.9AI score0.00231EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.11 views

PT-2026-22423

Name of the Vulnerable Software and Affected Versions Statmatic versions prior to 5.73.11 Statmatic versions prior to 6.4.0 Description Statmatic is a Laravel and Git powered content management system CMS. Before versions 5.73.11 and 6.4.0, user email addresses were included in responses from the...

6.5CVSS5.9AI score0.00231EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.7 views

PT-2026-22422

Name of the Vulnerable Software and Affected Versions Statmatic versions prior to 5.73.11 Statmatic versions prior to 6.4.0 Description Statmatic is a content management system. When Glide image manipulation is used in insecure mode, an unauthenticated user can exploit the image proxy to make the...

6.8CVSS6AI score0.00378EPSS
Exploits0References7
Rows per page
Query Builder