CVE-2017-1000193

CVE-2017-1000193

EPSS 1.0%

October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim's browser.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/octobercms/october/compare/v1.0.412...v1.0.413#diff-66d6dfe5e11488e1afefcb69b8bdaabfR31