October Cms October vulnerabilities
2 known vulnerabilities affecting october_cms/october.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-11083MEDIUMCVSS 4.8v>= 1.0.319, < 1.0.4662020-07-14
CVE-2020-11083 [MEDIUM] CWE-79 CVE-2020-11083: In October from version 1.0.319 and before version 1.0.466, a user with access to a markdown FormWid
In October from version 1.0.319 and before version 1.0.466, a user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other users with access to the generated HTML from the field. This has been fixed in 1.0.466. For users of the RainLab.Blog plugin, this has also been fixed i
nvd
CVE-2020-4061MEDIUMCVSS 5.4v>= 1.0.319, < 1.0.4672020-07-02
CVE-2020-4061 [MEDIUM] CWE-79 CVE-2020-4061: In October from version 1.0.319 and before version 1.0.467, pasting content copied from malicious we
In October from version 1.0.319 and before version 1.0.467, pasting content copied from malicious websites into the Froala richeditor could result in a successful self-XSS attack. This has been fixed in 1.0.467.
nvd