Statamic CMS is a Laravel and Git powered content management system (CMS). Prior to versions 3.4.15 an 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the "Forms" feature containing an assets field, or within the control panel which requires authentication. This issue has been patched on 3.4.15 and 4.36.0.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-11-21T22:34:11.043Z
Updated: 2024-08-02T21:37:53.540Z
Reserved: 2023-11-17T19:43:37.554Z
Link: CVE-2023-48701
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-11-21T23:15:08.510
Modified: 2024-11-21T08:32:17.277
Link: CVE-2023-48701
Redhat
No data.