Cross site scripting

2017-11-1702:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

31.8%

JSON

October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim’s browser.

CPENameOperatorVersion
octoberle1.0.412

CPE	Name	Operator	Version
	october	le	1.0.412

References

github.com/octobercms/october/compare/v1.0.412...v1.0.413

0.001 Low

EPSS

Percentile

31.8%

JSON

Related for PRION:CVE-2017-1000193