VulnerableCode Package Details - pkg:composer/statamic/cms@6.3.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/statamic/cms@6.3.2

Essentials
History (3)

purl	pkg:composer/statamic/cms@6.3.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-cz95-w9j3-mufn	Statamic affected by privilege escalation via stored cross-site scripting Stored XSS vulnerability in `html` fieldtypes allow authenticated users with field management permissions to inject malicious JavaScript that executes when viewed by higher-privileged users.	CVE-2026-27196 GHSA-8r7r-f4gm-wcpq

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T10:54:15.990420+00:00	GithubOSV Importer	Fixing	VCID-cz95-w9j3-mufn	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-8r7r-f4gm-wcpq/GHSA-8r7r-f4gm-wcpq.json	38.6.0
2026-05-31T01:07:27.662638+00:00	GHSA Importer	Fixing	VCID-cz95-w9j3-mufn	https://github.com/advisories/GHSA-8r7r-f4gm-wcpq	38.6.0
2026-05-30T21:06:44.124249+00:00	GitLab Importer	Fixing	VCID-cz95-w9j3-mufn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/statamic/cms/CVE-2026-27196.yml	38.6.0