PT-2023-29217 · October · October
Aftspunk
+1
·
Published
2023-11-29
·
Updated
2023-12-06
·
CVE-2023-44382
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
October versions prior to 3.4.15
Description
The issue allows an authenticated backend user with the
editor.cms pages, editor.cms layouts, or editor.cms partials permissions to write specific Twig code and execute arbitrary PHP, despite cms.safe mode being enabled. This is problematic for those relying on cms.safe mode to restrict users from writing and executing arbitrary PHP.Recommendations
For versions prior to 3.4.15, update to version 3.4.15 to resolve the issue.
As a temporary workaround, consider removing the
editor.cms pages, editor.cms layouts, or editor.cms partials permissions from untrusted users.Exploit
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
October