Statamic is vulnerable to account takeover via password reset link injection

Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3 and 5.73.10, an attacker may leverage a vulnerability in the password reset feature to capture a user's token and reset the password on their behalf. The attacker must know the email address of a valid account on the site, and the actual user must blindly click the link in their email even though they didn't request the reset. This has been fixed in 6.3.3 and 5.73.10.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

忘记口令恢复机制弱

Statamic 授权问题漏洞

Statamic是美国Statamic公司的一个基于 Laravel 构建的强大的平面文件 Cms。用于将所有内容、模板、资产和设置存储在文件而不是数据库中。 Statmatic 6.3.3之前版本和5.73.10之前版本存在授权问题漏洞，该漏洞源于密码重置功能存在缺陷，可能导致攻击者捕获用户令牌并重置其密码。

N/A

N/A