CVE-2026-28423 | Statamic CMS up to 5.73.10/6.3.x server-side request forgery (GHSA-cwpp-325q-2cvp)

Inserito da Angelo Barbosa | Feb 28, 2026 | CVE

A vulnerability categorized as critical has been discovered in Statamic CMS up to 5.73.10/6.3.x. This impacts an unknown function. The manipulation results in server-side request forgery.

This vulnerability was named CVE-2026-28423. The attack may be performed from remote. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-28423 | Statamic CMS up to 5.73.10/6.3.x server-side request forgery (GHSA-cwpp-325q-2cvp)

Post correlati

CVE-2024-56131 | Progress LoadMaster up to 7.2.60.1 os command injection

CVE-2024-21576 | bmad4ever ComfyUI-Bmad-Nodes code injection

CVE-2024-7920 | Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 GetParkInThroughDeivces access control

CVE-2023-48880 | EyouCMS 1.6.4-UTF8-SP1 login.php Menu Name cross site scripting (Issue 52)