CVE-2020-5296

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission...

Stored XSS in October

Impact A user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other users with access to the generated HTML from the field. Patches Issue has been patched in Build 466 v1.0.466 & RainLab.Blog v1.4.1 by restricting the...

GHSA-W4PJ-7P68-3VGV Stored XSS in October

Impact A user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other users with access to the generated HTML from the field. Patches Issue has been patched in Build 466 v1.0.466 & RainLab.Blog v1.4.1 by restricting the...

CVE-2020-5297

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server...

CVE-2020-5299

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, any users with the ability to modify any data that could eventually be exported as a CSV file from the ImportExportController could potentially introduce a CSV injection into the data to cause the generated C...

Design/Logic Flaw

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the ImportExportController behavior can be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a...

CVE-2020-5299 Potential CSV Injection vector in OctoberCMS

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, any users with the ability to modify any data that could eventually be exported as a CSV file from the ImportExportController could potentially introduce a CSV injection into the data to cause the generated C...

Potential CSV Injection vector in OctoberCMS

Impact Any users with the ability to modify any data that could eventually be exported as a CSV file from the ImportExportController could potentially introduce a CSV injection into the data to cause the generated CSV export file to be malicious. This requires attackers to achieve the following...

GHSA-4RHM-M2FP-HX7Q Potential CSV Injection vector in OctoberCMS

Impact Any users with the ability to modify any data that could eventually be exported as a CSV file from the ImportExportController could potentially introduce a CSV injection into the data to cause the generated CSV export file to be malicious. This requires attackers to achieve the following...

GHSA-9722-RR68-RFPG Upload whitelisted files to any directory in OctoberCMS

Impact An attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the...

Upload whitelisted files to any directory in OctoberCMS

Impact An attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the...

GHSA-JV6V-FVVX-4932 Arbitrary File Deletion vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

Arbitrary File Deletion vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

Local File read vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

GHSA-R23F-C2J5-RX2F Local File read vulnerability in OctoberCMS

Impact An attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Patches Issue has been patched in Build 466 v1.0.466. Workarounds Apply...

CVE-2020-5296 Arbitrary File Deletion vulnerability in OctoberCMS

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission...

CVE-2020-5295 Local File read vulnerability in OctoberCMS

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Issue has...