Statamic account takeover via XSS and password reset link
CVE-2024-24570
What is CVE-2024-24570?
Statamic, a Laravel and Git powered content management system (CMS), is susceptible to a cross-site scripting (XSS) vulnerability. HTML files renamed to look like JPG files can be uploaded through front-end forms because the mime type of the upload is not properly validated. The same issue affects asset fields in the control panel and the asset browser, so the crafted HTML executes as XSS when an authorized user opens it. That XSS can in turn be used to obtain a user's password reset token through the 'copy password reset link' feature, allowing account takeover. Versions 4.46.0 and 3.4.17 patch the XSS and disable the 'copy password reset link' functionality.
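The root cause above is trusting the filename and the client-declared mime type of an upload. The following added example (not Statamic's own code) shows a content-based check that ignores both and instead compares the file extension with the magic bytes and looks for HTML markup; the sample inputs are constructed for the demonstration.

```python
"""Content-based image upload validation (added example, not Statamic code)."""
from typing import Optional, Tuple

# Leading bytes of the image formats a front-end form would normally accept
IMAGE_SIGNATURES = {
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Markers a browser would sniff as HTML if the file were served inline
HTML_MARKERS = (b"<!doctype", b"<html", b"<script", b"<body", b"<svg")


def sniff_image_type(data: bytes) -> Optional[str]:
    """Return the image type implied by the leading bytes, or None."""
    for kind, sigs in IMAGE_SIGNATURES.items():
        if any(data.startswith(sig) for sig in sigs):
            return kind
    return None


def looks_like_html(data: bytes) -> bool:
    """True if the first 1 KiB contains HTML markup (covers polyglot files)."""
    head = data[:1024].lower()
    return any(marker in head for marker in HTML_MARKERS)


def validate_upload(filename: str, declared_mime: str, data: bytes) -> Tuple[bool, str]:
    """Accept only when the extension, the sniffed type and the content agree.

    declared_mime is deliberately never consulted: the client controls it.
    """
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    ext = "jpg" if ext == "jpeg" else ext
    if ext not in IMAGE_SIGNATURES:
        return False, f"extension .{ext} not allowed"
    sniffed = sniff_image_type(data)
    if sniffed is None:
        return False, "no recognised image signature"
    if sniffed != ext:
        return False, f"extension .{ext} does not match content ({sniffed})"
    if looks_like_html(data):
        return False, "HTML markup found inside image data"
    return True, f"{sniffed} ok (declared {declared_mime} ignored)"


# Constructed samples: an HTML page saved as .jpg, and a minimal JFIF header
FAKE_JPG = b"<!DOCTYPE html><html><body>not an image</body></html>"
REAL_JPG_HEAD = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32

if __name__ == "__main__":
    for name, data in (("avatar.jpg", FAKE_JPG), ("photo.jpg", REAL_JPG_HEAD)):
        print(name, validate_upload(name, "image/jpeg", data))
```

Validation on upload is only half of the fix: serve stored assets with a Content-Type derived from the sniffed type, not from the filename, and add X-Content-Type-Options: nosniff so the browser cannot reinterpret the bytes as HTML.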

Affected Version(s)
cms < 3.4.17 (fixed in 3.4.17)
cms >= 4.0.0, < 4.46.0 (fixed in 4.46.0)
