3 matches found
CVE-2022-23655
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to...
CVE-2022-23655 Missing server signature validation in OctoberCMS
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to...
CVE-2022-23655
CVE-2022-23655 affects Octobercms (Laravel-based) where affected versions did not validate gateway server signatures. This allows non-authoritative gateway servers to exfiltrate user private keys. The fix is available via upgrading to build 474 or v1.1.10, or applying the patch commit e3b455ad587...