Vulnerability DatabaseCVE-2024-24570
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2024-24570
February 01, 2024
Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain access to a user's password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled.
Related ResourcesĀ (5)
https://github.com/statamic/cms
http://seclists.org/fulldisclosure/2024/Feb/17
https://github.com/statamic/cms/security/advisories/GHSA-vqxq-hvxw-9mv9
https://nvd.nist.gov/vuln/detail/CVE-2024-24570
http://packetstormsecurity.com/files/177133/Statamic-CMS-Cross-Site-Scripting.html
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.4
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
HIGH
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
NONE
Weakness Type (CWE)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-79
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CWE-80
EPSS
Base Score:
1.44