CVE-2020-11083

Name of the Vulnerable Software and Affected Versions October CMS versions 1.0.319 through 1.0.465 RainLab.Blog plugin versions prior to 1.4.1

Description A user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other users with access to the generated HTML from the field. This issue has been fixed by restricting the ability to store JS in markdown to only users that have been explicitly granted the backend.allow unsafe markdown permission.

Recommendations For October CMS versions 1.0.319 through 1.0.465, update to version 1.0.466 or later. For RainLab.Blog plugin versions prior to 1.4.1, update to version 1.4.1 or later. As a temporary workaround, consider applying the manual patches to your installation if unable to upgrade to the fixed versions.