Statamic CMS Stored Cross-Site Scripting Vulnerability in Collections and Taxonomies

Vulnerability

A stored cross-site scripting vulnerability has been identified in Statamic CMS versions through 5.22.0, specifically within the Collections and Taxonomies features. This issue allows authenticated users with content creation permissions to inject malicious JavaScript. The injected script executes when the content is viewed by users with higher privileges, such as super admins. In versions 5.21.0 and prior, this vulnerability could be exploited to change a super admin's password. In Statamic 5.22.0, the exploitation could involve changing a super admin's email address to initiate a password reset, leading to unauthorized access to the super admin account.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, with the injected JavaScript executing in the context of users with higher privileges. This could lead to a super admin account takeover, as the attacker could change the super admin's password or email address, depending on the Statamic version.

Remediation

Users can upgrade to Statamic CMS version 5.22.1 or later to address this vulnerability.

Added: Oct 30, 2025, 6:23 PM
Updated: Oct 30, 2025, 6:23 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 5.4
exploitability: 5.8
remediation: 7.7
relevance: 0.9
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.