
43608 matches found

CVE
added 2026/04/14 5:34 p.m. | 26 views

CVE-2026-24907

CVE-2026-24907 affects October CMS: versions prior to 3.7.14 and 4.1.10 contain a stored XSS in the Event Log mail preview feature. HTML is rendered in an iframe without proper sandboxing when viewing logged mail messages, allowing JavaScript execution in the viewer's browser context. The issue i...

CVSS 5.4 | AI score 5.8 | EPSS 0.00198
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2026/04/14 5:23 p.m. | 24 views

CVE-2026-24906 October CMS has Stored XSS in its Backend Editor Markup Classes

October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a Stored Cross-Site Scripting (XSS) vulnerability in the Backend Editor Settings. The Markup Classes fields used for paragraph styles, inline styles, table styles, etc. did not sanitize input to...

CVSS 5.1 | EPSS 0.00252
Exploits 0 | References 1
ATTACKERKB
added 2026/04/14 5:23 p.m. | 1 view

CVE-2026-24906

October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a Stored Cross-Site Scripting (XSS) vulnerability in the Backend Editor Settings. The Markup Classes fields used for paragraph styles, inline styles, table styles, etc. did not sanitize input to...

CVSS 5.1 | AI score 5.9 | EPSS 0.00252
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2026/04/14 5:23 p.m. | 4 views

CVE-2026-24906 October CMS has Stored XSS in its Backend Editor Markup Classes

October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a Stored Cross-Site Scripting (XSS) vulnerability in the Backend Editor Settings. The Markup Classes fields used for paragraph styles, inline styles, table styles, etc. did not sanitize input to...

CVSS 5.1 | AI score 5.9 | EPSS 0.00252
Exploits 0 | References 1
NVD
added 2026/04/14 5:16 p.m. | 1 view

CVE-2026-22692

October is a Content Management System (CMS) and web platform. Versions prior to 3.7.13 and versions 4.0.0 through 4.1.4 contain a sandbox bypass vulnerability in the optional Twig safe mode feature (CMS_SAFE_MODE). Certain methods on the collect helper were not properly restricted, allowing...

CVSS 6.8 | EPSS 0.00395
Exploits 2 | References 1
Vulnrichment
added 2026/04/14 4:48 p.m. | 2 views

CVE-2026-22692 October CMS: Twig Sandbox Bypass via Collection Methods

October is a Content Management System (CMS) and web platform. Versions prior to 3.7.13 and versions 4.0.0 through 4.1.4 contain a sandbox bypass vulnerability in the optional Twig safe mode feature (CMS_SAFE_MODE). Certain methods on the collect helper were not properly restricted, allowing...

CVSS 4.9 | AI score 5.8 | EPSS 0.00395
Exploits 2 | References 1
Cvelist
added 2026/04/14 4:48 p.m. | 24 views

CVE-2026-22692 October CMS: Twig Sandbox Bypass via Collection Methods

October is a Content Management System (CMS) and web platform. Versions prior to 3.7.13 and versions 4.0.0 through 4.1.4 contain a sandbox bypass vulnerability in the optional Twig safe mode feature (CMS_SAFE_MODE). Certain methods on the collect helper were not properly restricted, allowing...

CVSS 4.9 | EPSS 0.00395
Exploits 2 | References 1
CVE
added 2026/04/14 4:48 p.m. | 19 views

CVE-2026-22692

CVE-2026-22692 affects October CMS Twig sandbox (CMS_SAFE_MODE). Vulnerable in versions prior to 3.7.13 and 4.0.0–4.1.4; fixed in 3.7.13 and 4.1.5. Root cause: collect()->mapInto() on SafeCollection bypasses SecurityPolicy, allowing authenticated template editors to bypass sandbox. Exploitatio...

CVSS 6.8 | AI score 5.8 | EPSS 0.00395
Exploits 2 | References 1 | Affected Software 1
GithubExploit
added 2026/04/14 5:54 a.m. | 127 views

Exploit for CVE-2026-22692

CVE-2026-22692: Critical Twig Sandbox Bypass via collect-ma...

AI score 6.3 | EPSS 0.00395
Exploits 2
CNNVD
added 2026/04/14 12:00 a.m. | 7 views

October cross-site scripting vulnerability

October is an open-source content management system (CMS) and online platform developed by October. Versions prior to October 3.7.14 and 4.1.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from regular expression patterns in the SVG cleanup logic, which could be...

CVSS 4.8 | AI score 5.6 | EPSS 0.00217
Exploits 0 | References 2
CNNVD
added 2026/04/14 12:00 a.m. | 6 views

October security vulnerability

October is an open-source content management system (CMS) and online platform developed by October. Versions prior to October 3.7.13, as well as those before 4.1.4, contained security vulnerabilities. These vulnerabilities stemmed from a sandbox bypass in the Twig security mode function, which coul...

CVSS 6.8 | AI score 5.8 | EPSS 0.00395
Exploits 2 | References 1
CNNVD
added 2026/04/14 12:00 a.m. | 6 views

October cross-site scripting vulnerability

October is an open-source content management system (CMS) and online platform developed by October. Versions prior to October 3.7.14 and 4.1.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of marker class field inputs in the backend editor...

CVSS 5.4 | AI score 5.7 | EPSS 0.00252
Exploits 0 | References 2
Packet Storm
added 2026/04/14 12:00 a.m. | 214 views

Twig Sandbox Bypass / XXE / Remote Code Execution / LFI

Research describing a critical vulnerability that exists in the October CMS Twig sandbox Safe Mode that allows authenticated users with template editing privileges to bypass security restrictions and execute arbitrary PHP code or read arbitrary files via XML injection or local file inclusion from...

CVSS 4.9 | AI score 6.1 | EPSS 0.00395
Exploits 2
CNNVD
added 2026/04/14 12:00 a.m. | 5 views

October cross-site scripting vulnerability

October is an open-source content management system (CMS) and online platform developed by October. Versions prior to October 3.7.14 and 4.1.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper rendering of HTML content in the event log email preview function,...

CVSS 5.4 | AI score 5.7 | EPSS 0.00198
Exploits 0 | References 1
Positive Technologies
added 2026/04/14 12:00 a.m. | 7 views

PT-2026-32990

Name of the Vulnerable Software and Affected Versions: NETGEAR (affected versions not specified); October CMS (affected versions not specified). Description: Insufficient input validation in certain NETGEAR models allows authenticated administrators on the local network to perform unauthorized...

CVSS 6.8 | AI score 5.5 | EPSS 0.00168
Exploits 0 | References 6
NVD
added 2026/04/13 8:16 p.m. | 7 views

CVE-2026-32270

Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 through 5.5.4, the PaymentsController::actionPay discloses some order data to unauthenticated users when an order number is provided and the email check fails during an anonymous payment. The JSON...

CVSS 6.3 | EPSS 0.00295
Exploits 0 | References 4
OSV
added 2026/04/13 3:48 p.m. | 12 views

SUSE-SU-2026:21107-1 Security update for openssl-3

This update for openssl-3 fixes the following issues. Security issues fixed: - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652). - CVE-2026-28387: potential use-after-free in DANE client code (bsc#1260441). - CVE-2026-28388: NULL pointer dereference when processing...

CVSS 9.8 | AI score 7.6 | EPSS 0.00981
Exploits 0 | References 15
OSV
added 2026/04/13 3:48 p.m. | 2 views

SUSE-SU-2026:21186-1 Security update for openssl-3

This update for openssl-3 fixes the following issues. Security issues fixed: - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652). - CVE-2026-28387: potential use-after-free in DANE client code (bsc#1260441). - CVE-2026-28388: NULL pointer dereference when processing...

CVSS 9.8 | AI score 7.6 | EPSS 0.00981
Exploits 0 | References 15
OSV
added 2026/04/13 3:48 p.m. | 3 views

OPENSUSE-SU-2026:20525-1 Security update for openssl-3

This update for openssl-3 fixes the following issues. Security issues fixed: - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652). - CVE-2026-28387: potential use-after-free in DANE client code (bsc#1260441). - CVE-2026-28388: NULL pointer dereference when processing...

CVSS 9.8 | AI score 7.4 | EPSS 0.00981
Exploits 0 | References 14
EUVD
added 2026/04/13 3:31 p.m. | 3 views

EUVD-2026-21980

A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of the argument User leads to SQL injection. The attack may be launched remotely. The exploit is...

CVSS 7.5 | AI score 7 | EPSS 0.00313
Exploits 0 | References 6