
146 matches found

Prion
added 2020/06/03 10:15 p.m., 11 views

Code injection

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Issue has...

CVSS: 4; AI score: 4.7; EPSS: 0.07371
Exploits: 4; References: 4; Affected software: 1
Prion
added 2020/06/03 10:15 p.m., 13 views

Design/Logic Flaw

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the ImportExportController behavior can be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a...

CVSS: 3.5; AI score: 4.8; EPSS: 0.00909
Exploits: 3; References: 4; Affected software: 1
Prion
added 2020/06/03 10:15 p.m., 12 views

Code injection

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission...

CVSS: 4; AI score: 4.9; EPSS: 0.01429
Exploits: 3; References: 4; Affected software: 1
CVE
added 2020/06/03 10:00 p.m., 73 views

CVE-2020-5299

OctoberCMS (composer package october/october) versions 1.0.319–1.0.465 are vulnerable to CSV injection via data that can be exported through the ImportExportController. The root cause is data that can be controlled by an attacker being exported and then opened in vulnerable spreadsheet software, ...

CVSS: 5.1; AI score: 4.7; EPSS: 0.01002
Exploits: 2; References: 5; Affected software: 1
Cvelist
added 2020/06/03 10:00 p.m., 22 views

CVE-2020-5299 Potential CSV Injection vector in OctoberCMS

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, any users with the ability to modify any data that could eventually be exported as a CSV file from the ImportExportController could potentially introduce a CSV injection into the data to cause the generated C...

CVSS: 4; AI score: 5.2; EPSS: 0.01002
Exploits: 2; References: 5
OSV
added 2020/06/03 9:58 p.m., 14 views

GHSA-4RHM-M2FP-HX7Q Potential CSV Injection vector in OctoberCMS

Impact Any users with the ability to modify any data that could eventually be exported as a CSV file from the ImportExportController could potentially introduce a CSV injection into the data to cause the generated CSV export file to be malicious. This requires attackers to achieve the following...

CVSS: 4; AI score: 5.3; EPSS: 0.01002
Exploits: 2; References: 6
Github Security Blog
added 2020/06/03 9:58 p.m., 52 views

Potential CSV Injection vector in OctoberCMS

Impact Any users with the ability to modify any data that could eventually be exported as a CSV file from the ImportExportController could potentially introduce a CSV injection into the data to cause the generated CSV export file to be malicious. This requires attackers to achieve the following...

CVSS: 5.1; AI score: 0.5; EPSS: 0.01002
Exploits: 2; References: 7; Affected software: 1
Github Security Blog
added 2020/06/03 9:58 p.m., 60 views

Reflected XSS when importing CSV in OctoberCMS

Impact A user with the ability to use the import functionality of the ImportExportController behavior could be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a reflected XSS attack on the user in question Patches Issue has been patched in Build 4...

CVSS: 4.8; AI score: 0.2; EPSS: 0.00909
Exploits: 3; References: 6; Affected software: 1
OSV
added 2020/06/03 9:58 p.m., 19 views

GHSA-GG6X-XX78-448C Reflected XSS when importing CSV in OctoberCMS

Impact A user with the ability to use the import functionality of the ImportExportController behavior could be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a reflected XSS attack on the user in question Patches Issue has been patched in Build 4...

CVSS: 4; AI score: 4.7; EPSS: 0.00909
Exploits: 3; References: 5
Github Security Blog
added 2020/06/03 9:58 p.m., 60 views

Upload whitelisted files to any directory in OctoberCMS

Impact An attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the...

CVSS: 4; AI score: 3.4; EPSS: 0.0118
Exploits: 3; References: 6; Affected software: 1
OSV
added 2020/06/03 9:58 p.m., 68 views

GHSA-9722-RR68-RFPG Upload whitelisted files to any directory in OctoberCMS

Impact An attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the...

CVSS: 3.4; AI score: 3.5; EPSS: 0.0118
Exploits: 3; References: 5
Github Security Blog
added 2020/06/03 9:58 p.m., 41 views

Arbitrary File Deletion vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

CVSS: 6.2; AI score: 0.8; EPSS: 0.01429
Exploits: 3; References: 6; Affected software: 1
OSV
added 2020/06/03 9:58 p.m., 18 views

GHSA-JV6V-FVVX-4932 Arbitrary File Deletion vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

CVSS: 6.2; AI score: 5.5; EPSS: 0.01429
Exploits: 3; References: 5
Github Security Blog
added 2020/06/03 9:58 p.m., 54 views

Local File read vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

CVSS: 4.9; AI score: 0.2; EPSS: 0.07371
Exploits: 4; References: 6; Affected software: 1
OSV
added 2020/06/03 9:58 p.m., 15 views

GHSA-R23F-C2J5-RX2F Local File read vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

CVSS: 4.8; AI score: 4.7; EPSS: 0.07371
Exploits: 4; References: 5
CVE
added 2020/06/03 9:55 p.m., 73 views

CVE-2020-5296

CVE-2020-5296 affects OctoberCMS (october/october composer package) versions 1.0.319–1.0.465. An authenticated backend user with the cms.manage_assets permission can delete arbitrary local files on the server. The issue is fixed in Build 466 (v1.0.466). The vulnerability originates from improper ...

CVSS: 6.2; AI score: 5.1; EPSS: 0.01429
Exploits: 3; References: 4; Affected software: 1
Cvelist
added 2020/06/03 9:55 p.m., 27 views

CVE-2020-5296 Arbitrary File Deletion vulnerability in OctoberCMS

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission...

CVSS: 6.2; AI score: 6.1; EPSS: 0.01429
Exploits: 3; References: 4
Cvelist
added 2020/06/03 9:55 p.m., 10 views

CVE-2020-5297 Upload whitelisted files to any directory in OctoberCMS

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server...

CVSS: 3.4; AI score: 3.7; EPSS: 0.0118
Exploits: 3; References: 4
CVE
added 2020/06/03 9:55 p.m., 89 views

CVE-2020-5297

The CVE-2020-5297 issue affects OctoberCMS (october/october composer package) versions 1.0.319–1.0.465, where an authenticated backend user with cms.manage_assets can upload many file types (images, CSS/JS, fonts, JSON, etc.) to any directory on the server. The root cause is an unrestricted file ...

CVSS: 4; AI score: 3.5; EPSS: 0.0118
Exploits: 3; References: 4; Affected software: 1
CVE
added 2020/06/03 9:55 p.m., 84 views

CVE-2020-5298

In OctoberCMS (composer package october/october), CVE-2020-5298 affects versions 1.0.319 and earlier than 1.0.466 where a user with access to the ImportExportController’s import flow can be socially engineered to upload a crafted CSV, enabling a reflected XSS on the user. The issue is mitigated b...

CVSS: 4.8; AI score: 4.4; EPSS: 0.00909
Exploits: 3; References: 4; Affected software: 1