CVE-2023-25365
packagist/october/october
Unrestricted Upload of File with Dangerous Type
Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3
Version 3.2.0
Upgrade to version 3.2.11 or above.
2024-02-16
source |