Filtered by vendor Withstudiocms
Subscriptions
Filtered by product Studiocms
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24134 | 1 Withstudiocms | 1 Studiocms | 2026-01-28 | 6.5 Medium |
| StudioCMS is a server-side-rendered, Astro native, headless content management system. Versions prior to 0.2.0 contain a Broken Object Level Authorization (BOLA) vulnerability in the Content Management feature that allows users with the "Visitor" role to access draft content created by Editor/Admin/Owner users. Version 0.2.0 patches the issue. | ||||
Page 1 of 1.