october/october Security Advisories for v1.0.357 (7)
-
[HIGH] October CMS Cross-site Scripting vulnerability
PKSA-f5gt-nmcq-d353 CVE-2023-25365 GHSA-gcgj-qh8p-57hm
Affected version: <=3.2.0
Reported by:
GitHub -
[MEDIUM] Stored Cross-Site Scripting October CMS
PKSA-mn5j-jgxn-wwt6 CVE-2023-37692 GHSA-r47v-rxcg-p28j
Affected version: <=3.4.4
Reported by:
GitHub -
[HIGH] October CMS CSRF
PKSA-qf3x-mnjz-nmxw CVE-2017-16244 GHSA-vm6r-4p4v-232x
Affected version: <=1.0.426
Reported by:
GitHub -
[MEDIUM] October CMS XSS
PKSA-cym1-s7vp-1kq4 CVE-2017-1000193 GHSA-3p6c-9xhm-8x7h
Affected version: <=1.0.412
Reported by:
GitHub -
[CRITICAL] October CMS File Upload Vulnerability
PKSA-5138-8yvy-1t1n CVE-2017-1000194 GHSA-8vh6-8w76-v6m3
Affected version: <=1.0.412
Reported by:
GitHub -
[HIGH] October CMS Local File Inclusion
PKSA-bg2c-hjbr-g8th CVE-2018-1999009 GHSA-v7cr-w5v6-6659
Affected version: <1.0.437
Reported by:
GitHub -
[MEDIUM] Use of insecure jQuery version in OctoberCMS
PKSA-cgpj-6dtg-1n63 GHSA-v73w-r9xg-7cr9
Affected version: >=1.0.319,<1.0.466
Reported by:
GitHub