Lucene search

CVE-2020-15248

🗓️ 23 Nov 2020 20:12:15Reported by GitHub_MType

October CMS before 1.0.470 allows unauthorized escalation to "Developer" rol

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
OSV	CVE-2020-15248	23 Nov 202020:15	–	osv
OSV	Privilege escalation by backend users assigned to the default "Publisher" system role	23 Nov 202019:47	–	osv
Veracode	Privilege Escalation	24 Nov 202001:04	–	veracode
Prion	Double free	23 Nov 202020:15	–	prion
NVD	CVE-2020-15248	23 Nov 202020:15	–	nvd
Cvelist	CVE-2020-15248 Privilege escalation by backend users assigned to the default "Publisher" system role	23 Nov 202019:40	–	cvelist
Github Security Blog	Privilege escalation by backend users assigned to the default "Publisher" system role	23 Nov 202019:47	–	github

Nvd

Vulners

Node

octobercms octoberRange1.0.319–1.0.469

[
  {
    "product": "october",
    "vendor": "octobercms",
    "versions": [
      {
        "status": "affected",
        "version": ">= 1.0.319, < 1.0.470"
      }
    ]
  }
]

Source	Link
github	www.github.com/octobercms/october/security/advisories/GHSA-rfjc-xrmf-5vvw
github	www.github.com/octobercms/october/commit/78a37298a4ed4602b383522344a31e311402d829

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Nov 2020 20:15Current

4.4Medium risk

Vulners AI Score4.4

CVSS24.6

CVSS34 - 4.2

EPSS0.00049