Security Advisories - statamic/cms - Packagist

statamic/cms Security Advisories for v5.18.0 (1)

[HIGH] Statamic Vulnerable to Superadmin Account Takeover via Stored Cross-Site Scripting and Lack of Proper X-CSRF-TOKEN Server-Side Validation

PKSA-mmp9-wb2h-d8gy CVE-2025-64112 GHSA-g59r-24g3-h7cm

Affected version: <=5.22.0

Reported by:
GitHub