CVE-2026-33883 | Statamic CMS up to 5.73.15/6.7.1 user:reset_password_form cross site scripting (GHSA-3jg4-p23x-p4qx)

A vulnerability, which was classified as problematic, was found in Statamic CMS up to 5.73.15/6.7.1. This affects an unknown part. The manipulation of the argument user:reset_password_form results in cross site scripting.

This vulnerability was named CVE-2026-33883. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More