Headline
CVE-2022-37721: The PHP CMS built for Laravel.
PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.
Laravel Built on the worlds most popular PHP framework.
Pyro feels like a natural extension of Laravel. We do not try and hide it but embrace it everywhere.
Open Source MIT License
Our core product and features have been and always will be 100% free and open source.
Easy to Use Simple, Clean, and Consistent Control Panel
The control panel is built on standardized patterns and principles just like the API. This means it is faster and easier for your team to create components and easier for clients to use the product.
Mobile Responsive Control Panel
Pyro makes it easy to manage your content wherever you are. Full access to the entire control panel you know and love on a desktop now at your fingertips.
Localization Localization is built-in.
- Easily translate content into multiple languages.
- Safely override core translations without hacking.
- Automatically route translated content.
Rapid Development Quickly scaffold components with Artisan.
Our CLI tools let you build addons and data structures literally in seconds. Just tweak as needed and ship it.
Lightning fast time to market means you can say yes more often to those customer needs that just can’t be found on the shelf.
Communicate Join our Discord server!
Get help from other skilled developers who know and love Pyro.
Join Us
Related news
BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.
PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS) when a low privileged user, such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.