In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466).
References
Link | Resource |
---|---|
https://github.com/octobercms/october/security/advisories/GHSA-9722-rr68-rfpg | Patch Third Party Advisory |
https://github.com/octobercms/october/commit/6711dae8ef70caf0e94cec434498012a2ccd86b8 | Patch Third Party Advisory |
http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2020/Aug/2 | Exploit Mailing List Third Party Advisory |
Configurations
Information
Published : 2020-06-03 15:15
Updated : 2022-06-30 07:46
NVD link : CVE-2020-5297
Mitre link : CVE-2020-5297
JSON object : View
CWE
Products Affected
octobercms
- october