CNNVD-202602-1829 Information
CNNVD ID
CNNVD-202602-1829
Related CVE
- CNNVD Published: 2026-02-11
Description (Chinese)
Statamic是美国Statamic公司的一个基于 Laravel 构建的强大的平面文件 Cms。用于将所有内容、模板、资产和设置存储在文件而不是数据库中。 Statamic 5.73.6之前版本和6.2.5之前版本存在安全漏洞,该漏洞源于访问控制不当,可能导致无权限用户下载资产并查看其元数据。
Description (English)
Statamic is a powerful plane file based on Laravel, a United States company Statamic, Cms. To store all content, templates, assets and settings in a file rather than a database. There is a security loophole in previous versions of Statamic 5.73.6 and in previous versions of 6.2.5 that stems from inadequate access controls, which may lead to unauthorized users downloading assets and viewing their metadata.
Vulnerability Type
其他
Affected Vendor
Statamic
Published
2026-02-11
Last Modified
2026-02-24
References
https://github.com/statamic/cms/commit/5a6f47246edf3a0c453727ffecbfa14333a6bc8a https://github.com/statamic/cms/releases/tag/v5.73.6 https://github.com/statamic/cms/releases/tag/v6.2.5 https://github.com/statamic/cms/security/advisories/GHSA-gwmx-9gcj-332h
Patch
https://github.com/statamic/cms/releases
Share on: