ReportizFlow
Filtered by vendor Statamic
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36828 | 1 Statamic | 2 Cms, Statamic | 2024-11-21 | 5.5 Medium |
| Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitize` function. Version 4.10.0 contains a patch for this issue. | ||||
| CVE-2021-45364 | 1 Statamic | 1 Statamic | 2024-11-21 | 9.8 Critical |
| A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product | ||||
| CVE-2018-19598 | 1 Statamic | 1 Statamic | 2024-11-21 | N/A |
| Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request. | ||||