[HIGH] Statmic CMS vulnerable to account takeover via XSS and password reset link

PKSA-8pw7-xndm-5j7f CVE-2024-24570 GHSA-vqxq-hvxw-9mv9

Affected package: statamic/cms

Affected version: <3.4.17|>=4.00,<4.46.0

Reported by:
GitHub