[MEDIUM] Statamic allows unauthorized content access through missing authorization in its revision controllers

PKSA-yd5q-tqxd-dxfr CVE-2026-33887 GHSA-4hp7-3wxg-cv9q

Affected package: statamic/cms

Affected version: >=6.0.0-alpha.1,<6.7.2|<5.73.16

Reported by:
GitHub