CVE-2026-28426 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related co…
High CVSS: 8.7

CVE-2026-28426

Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This has been fixed in 5.73.11 and 6.4.0.
Vendor
Statamic
Product
Statamic
CWE
CWE-79
Yayın Tarihi
2026-02-27 23:16:05
Güncelleme
2026-03-05 14:32:00
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-79 Statamic HIGH Statamic 2026

Referanslar

https://github.com/statamic/cms/releases/tag/v5.73.11 https://github.com/statamic/cms/releases/tag/v6.4.0 https://github.com/statamic/cms/security/advisories/GHSA-5vrj-wf7v-5wr7