CVE-2020-5295

Local File read vulnerability in OctoberCMS

CVSS 4.8 MEDIUMEPSS 7.4%CWE-98

In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466).

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Productos afectados

octobercms · october

PoCs públicas encontradas — 2

cve_referencepacketstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.htmlno verificado exploitdbwww.exploit-db.com/exploits/49045no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html http://seclists.org/fulldisclosure/2020/Aug/2 https://github.com/octobercms/october/commit/2b8939cc8b5b6fe81e093fe2c9f883ada4e3c8cc https://github.com/octobercms/october/security/advisories/GHSA-r23f-c2j5-rx2f