October CMS is vulnerable to unrestricted local file read. The file path used when reading files under the assets directory is not restricted to that directory, so any authenticated backend user with the cms.manage_assets permission can read arbitrary local files from the October CMS server.
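The bug class described above comes down to one missing check: a user-supplied relative path is joined onto the assets directory and opened without verifying where it actually resolves. The following is an added illustration, not October CMS's own code and not the logic of the linked fix commit; the directory layout, file names, file contents and function names are constructed for the example. It shows a reader with the vulnerable pattern beside one that resolves the path and confines it to the assets directory, and exercises three escape routes a practitioner would test: `../` traversal, an absolute path, and a symlink inside the assets directory that points outside it.

```python
import os
import tempfile
from pathlib import Path


def make_fixture():
    """Constructed layout (not an October CMS install):
         <root>/themes/demo/assets/js/app.js   legitimate asset
         <root>/config/database.php            sensitive file outside assets
    """
    root = Path(tempfile.mkdtemp())
    assets = root / "themes" / "demo" / "assets"
    (assets / "js").mkdir(parents=True)
    (assets / "js" / "app.js").write_text("console.log('hi');\n")
    (root / "config").mkdir()
    (root / "config" / "database.php").write_text(
        "<?php return ['password' => 'hunter2'];\n")
    return root, assets


def read_asset_unsafe(assets_dir, user_path):
    """Vulnerable pattern: join and open, no check on the resolved location.
    "../../../config/database.php" walks out of the assets directory, and an
    absolute user_path makes Path() discard assets_dir entirely."""
    return Path(assets_dir, user_path).read_text()


def read_asset_safe(assets_dir, user_path):
    """Hardened pattern: resolve first, then require the target to sit
    beneath the (also resolved) assets directory."""
    if os.path.isabs(user_path) or "\x00" in user_path:
        raise PermissionError("absolute paths and NUL bytes are rejected")
    base = Path(assets_dir).resolve()
    target = (base / user_path).resolve()   # collapses ../ and follows symlinks
    if base != target and base not in target.parents:
        raise PermissionError(f"{user_path!r} escapes the assets directory")
    if not target.is_file():
        raise FileNotFoundError(user_path)
    return target.read_text()


def _blocked(fn, *args):
    """True if fn(*args) refuses with PermissionError."""
    try:
        fn(*args)
        return False
    except PermissionError:
        return True


def demo():
    """Run both readers against each escape route; returns the outcomes."""
    root, assets = make_fixture()
    secret = root / "config" / "database.php"
    traversal = "../../../config/database.php"   # assets -> demo -> themes -> root
    results = {
        "unsafe_traversal_leaks": "hunter2" in read_asset_unsafe(assets, traversal),
        "unsafe_absolute_leaks": "hunter2" in read_asset_unsafe(assets, str(secret)),
        "safe_traversal_blocked": _blocked(read_asset_safe, assets, traversal),
        "safe_absolute_blocked": _blocked(read_asset_safe, assets, str(secret)),
        "safe_legit_content": read_asset_safe(assets, "js/app.js"),
    }
    # Symlink planted inside assets pointing at the secret. resolve() follows
    # it, so the hardened reader rejects it; the unsafe one reads through it.
    link = assets / "db.php"
    try:
        link.symlink_to(secret)
    except OSError:
        results["symlink_supported"] = False
    else:
        results["symlink_supported"] = True
        results["unsafe_symlink_leaks"] = "hunter2" in read_asset_unsafe(assets, "db.php")
        results["safe_symlink_blocked"] = _blocked(read_asset_safe, assets, "db.php")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Two details matter in the hardened version. The absolute-path rejection has to happen before the join, because `Path(base, "/abs")` returns `/abs` and the prefix check would then be comparing against the wrong thing. And the comparison must be on fully resolved paths on both sides, otherwise a symlinked assets directory or a symlink planted inside it defeats a plain string-prefix check. A permission such as cms.manage_assets decides who may call the reader; only the post-resolution containment check decides what they may read.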
Affected package (Composer name):

Name | Operator | Version
---|---|---
october/october | le (<=) | 1.0.465
packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html
seclists.org/fulldisclosure/2020/Aug/2
github.com/advisories/GHSA-r23f-c2j5-rx2f
github.com/octobercms/october/commit/2b8939cc8b5b6fe81e093fe2c9f883ada4e3c8cc
github.com/octobercms/october/security/advisories/GHSA-r23f-c2j5-rx2f
stazot.com