Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:31 p.m.11 views

CVE-2021-21265

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header...

7.5CVSS6.8AI score0.01748EPSS
Exploits0References1
OSV
OSV
added 2021/03/10 10:15 p.m.7 views

CVE-2021-21265

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header...

7.5CVSS7.5AI score
Exploits0References6
CVE
CVE
added 2021/03/10 9:15 p.m.104 views

CVE-2021-21265

CVE-2021-21265 concerns October CMS (Laravel-based) before version 1.1.2. On misconfigured servers that route any Host header to the app, a Host Header Poisoning vulnerability exists, potentially enabling unauthorized behavior. The root cause is improper handling of the Host header; version 1.1.2...

7.5CVSS7AI score0.01748EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2021/03/10 9:15 p.m.34 views

CVE-2021-21265 October CMS vulnerable to Potential Host Header Poisoning on misconfigured servers

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header...

6.8CVSS7.7AI score0.01748EPSS
Exploits0References6
Rows per page
Query Builder