Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OctobercmsOctober

2 matches found

CVE
CVEadded 2022/02/23 7:15 p.m.132 views

CVE-2022-21705

Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass cms.safe_mode / cm...

8.5CVSS7.2AI score0.84982EPSS
CVE
CVEadded 2022/02/24 12:15 a.m.122 views

CVE-2022-23655

Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to bui...

5.3CVSS5.2AI score0.00142EPSS