SCA: security update for statamic/cms (GHSA-vqxq-hvxw-9mv9)

medium Tenable Self-Hosted Container Security Plugin ID 419509

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be
uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type
validation, asset fields in the control panel, and asset browser in the control panel. Additionally, if
the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain
access to a user's password reset token and gain access to their account. The authorized user is required
to execute the XSS in order for the vulnerability to occur. In versions 4.46.0 and 3.4.17, the XSS
vulnerability has been patched, and the copy password reset link functionality has been disabled.
(CVE-2024-24570)

See Also

https://github.com/advisories/GHSA-vqxq-hvxw-9mv9

Plugin Details

Severity: Medium

ID: 419509

Version: Revision 1.6

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 2.3

Percentile: 9.14

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2024-24570

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/1/2024

Vulnerability Publication Date: 2/1/2024

Reference Information

CVE: CVE-2024-24570