Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:34363
HistoryFeb 24, 2022 - 4:34 a.m.

Remote Code Execution (RCE)

2022-02-2404:34:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

0.005 Low

EPSS

Percentile

77.0%

JSON

October CMS is vulnerable to remote code execution. The vulnerability exists because the library does not properly sanitize the user input before rendering, allowing an attacker who has access to the backend can manipulate web pages via cms.safe_mode or cms.enableSafeMode to execute arbitrary code.

Related

cve 1
prion 1
nvd 1
osv 2
nuclei 1
cvelist 1
github 1
cve
cve
CVE-2022-21705
2022-02-23 19:15:08
prion
prion
Design/Logic Flaw
2022-02-23 19:15:00
nvd
nvd
CVE-2022-21705
2022-02-23 19:15:08
osv
osv
Authenticated remote code execution in October CMS
2022-02-23 21:08:44
CVE-2022-21705
2022-02-23 19:15:08
nuclei
nuclei
October CMS - Remote Code Execution
2022-05-13 06:06:56
cvelist
cvelist
CVE-2022-21705 Authenticated remote code execution in octobercms
2022-02-23 19:00:10
github
github
Authenticated remote code execution in October CMS
2022-02-23 21:08:44

0.005 Low

EPSS

Percentile

77.0%

JSON
Related for VERACODE:34363
cve1prion1nvd1osv2nuclei1cvelist1github1