Path Traversal Vulnerability in Statamic CMS by Statamic
CVE-2024-52600
Currently unrated
What is CVE-2024-52600?
A path traversal vulnerability exists in Statamic CMS prior to version 5.17.0, where improperly crafted filenames during asset uploads can lead to files being stored in unintended locations. This flaw primarily affects front-end forms that allow asset uploads. Although users must have upload permissions, the risk remains as uploaded files can potentially overwrite existing files on the server. Fortunately, traversal outside designated asset containers is not possible, and this vulnerability has been addressed in the latest version.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.