3 matches found
CVE-2020-11094
The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests and all information pertaining to each request including session data whenever it is enabled. This presents a problem if the plugin is ever enabled on a system that is open to untrusted users as...
CVE-2020-11094 Potential unauthorized access to stored request & session data when plugin is misconfigured in October CMS Debugbar
The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests and all information pertaining to each request including session data whenever it is enabled. This presents a problem if the plugin is ever enabled on a system that is open to untrusted users as...
CVE-2020-11094
CVE-2020-11094 affects the October CMS debugbar plugin prior to v3.1.0. The issue is an information disclosure vulnerability where the plugin logs all requests, including session data, which could allow untrusted users to view sensitive information. Affected component is the debugbar feature that...