October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server.
References
Configurations
History
21 Nov 2024, 03:04
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/octobercms/october/compare/v1.0.412...v1.0.413#diff-c328b7b99eac0d17b3c71eb37038fd61R49 - Patch |
Information
Published : 2017-11-17 02:29
Updated : 2024-11-21 03:04
NVD link : CVE-2017-1000196
Mitre link : CVE-2017-1000196
CVE.ORG link : CVE-2017-1000196
JSON object : View
Products Affected
octobercms
- october
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')