statamic/cms Security Advisories for v4.42.1 (2)
-
[MEDIUM] Statamic CMS has a Path Traversal in Asset Upload
PKSA-8gf5-xvpy-gbms CVE-2024-52600 GHSA-p7f6-8mcm-fwv3
Affected version: <=5.16.0
Reported by:
GitHub -
[HIGH] Statmic CMS vulnerable to account takeover via XSS and password reset link
PKSA-8pw7-xndm-5j7f CVE-2024-24570 GHSA-vqxq-hvxw-9mv9
Affected version: <3.4.17|>=4.00,<4.46.0
Reported by:
GitHub