Vulnerabilities

CVE-2026-28426 - Statmatic Stored XSS Vulnerability

2026-02-28 0 views admin
CVE-2026-28426 - Statmatic Stored XSS Vulnerability

CVE ID : CVE-2026-28426 Published : Feb. 27, 2026, 11:16 p.m. | 22 minutes ago Description : Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This has been fixed in 5.73.11 and 6.4.0. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Severity
HIGH
Published
Feb. 27, 2026
Impact: XSS

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-28426high

More from Vulnerabilities

CVE-2026-28417 - Vim has OS Command Injection in netrw

CVE-2026-28417 - Vim has OS Command Injection in netrw

2026-02-28 0
CVE-2026-28416 - Gradio has SSRF via Malicious `proxy_url` Injection in `gr.load()` Config Proces...

CVE-2026-28416 - Gradio has SSRF via Malicious `proxy_url` Injection in `gr.load()` Config Proces...

2026-02-28 0
CVE-2026-28415 - Gradio has Open Redirect in OAuth Flow

CVE-2026-28415 - Gradio has Open Redirect in OAuth Flow

2026-02-28 0
CVE-2026-28414 - Gradio has Absolute Path Traversal on Windows with Python 3.13+

CVE-2026-28414 - Gradio has Absolute Path Traversal on Windows with Python 3.13+

2026-02-28 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views