PT-2017-6872 · October · October Cms
Abhi-R3V0
·
Published
2017-09-27
·
Updated
2017-10-06
·
CVE-2015-5613
CVSS v2.0
3.5
Low
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
October CMS versions prior to build 272
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via vectors involving a file title.
Recommendations
For October CMS versions prior to build 272, update to build 272 or later to resolve the issue.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
October Cms