4 matches found
CVE-2021-21265
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header...
CVE-2021-21265
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header...
CVE-2021-21265
CVE-2021-21265 concerns October CMS (Laravel-based) before version 1.1.2. On misconfigured servers that route any Host header to the app, a Host Header Poisoning vulnerability exists, potentially enabling unauthorized behavior. The root cause is improper handling of the Host header; version 1.1.2...
CVE-2021-21265 October CMS vulnerable to Potential Host Header Poisoning on misconfigured servers
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header...