CVE-2017-1000197

2017-11-1702:29:00

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.

CPENameOperatorVersion
octobereq1.0.360
octobereq1.0.403
octobereq1.0.373
octobereq1.0.407
octobereq1.0.402
octobereq1.0.379
octobereq1.0.342
octobereq1.0.339
octobereq1.0.344
octobereq1.0.399

Name	Operator	Version
october	eq	1.0.360
october	eq	1.0.403
october	eq	1.0.373
october	eq	1.0.407
october	eq	1.0.402
october	eq	1.0.379
october	eq	1.0.342
october	eq	1.0.339
october	eq	1.0.344
october	eq	1.0.399