CVE-2021-41126

Improper Authentication in packagist/october/october

Identifiers

CVE-2021-41126, GHSA-6gjf-7w99-j7x7

Package Slug

packagist/october/october

Vulnerability

Improper Authentication

Description

October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend.

Affected Versions

All versions starting from 2.0.0 before 2.1.12

Solution

Upgrade to version 2.1.12 or above.

Last Modified

2021-10-18

source