3 matches found
CVE-2021-29487
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated...
CVE-2021-29487
CVE-2021-29487 affects the October CMS platform (october/system) and enables an unauthenticated attacker to bypass authentication and take over a frontend user account. The exploit relies on obtaining Laravel’s secret key for cookie encryption/signing. The vulnerability has been patched in Build ...
CVE-2021-29487 Authentication bypass in Octobercms
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated...