CVE-2021-32649 Information

Jun 07, 2022 cve

Description

October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6 an attacker with ## CVSS Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://github.com/octobercms/october/security/advisories/GHSA-wv23-pfj7-2mjj https://github.com/octobercms/october/commit/167b592eed291ae1563c8fcc5b9b34a03a300f26

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.8

Share on: