CVE-2023-25365
Unrestricted Upload of File with Dangerous Type in packagist/october/october
Identifiers
CVE-2023-25365
Package Slug
packagist/october/october
Vulnerability
Unrestricted Upload of File with Dangerous Type
Description
Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3
Affected Versions
Version 3.2.0
Solution
Upgrade to version 3.2.11 or above.
Last Modified
2024-02-16
| source |