CVE-2024-24570

Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain access to a user's password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:statamic:statamic:*:*:*:*:*:*:*:*
cpe:2.3:a:statamic:statamic:*:*:*:*:*:*:*:*

History

14 Feb 2024, 17:15

Type Values Removed Values Added
References
  • () http://packetstormsecurity.com/files/177133/Statamic-CMS-Cross-Site-Scripting.html -

14 Feb 2024, 04:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Feb/17 -

09 Feb 2024, 20:21

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1
First Time Statamic
Statamic statamic
References () https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9 - () https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9 - Vendor Advisory
CPE cpe:2.3:a:statamic:statamic:*:*:*:*:*:*:*:*

01 Feb 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-01 17:15

Updated : 2024-02-28 20:54


NVD link : CVE-2024-24570

Mitre link : CVE-2024-24570

CVE.ORG link : CVE-2024-24570


JSON object : View

Products Affected

statamic

  • statamic
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')