0.001 Low
EPSS
Percentile
31.8%
October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim’s browser.
github.com/octobercms/october/compare/v1.0.412...v1.0.413