CVE-2024-51991

Name of the Vulnerable Software and Affected Versions October CMS versions prior to 3.7.5

Description A vulnerability in October CMS affects authenticated administrators with sites that have the media.clean vectors configuration enabled, allowing an authenticated user to bypass the protection of sanitizing SVG files uploaded using the media manager. This is done by uploading the file with a permitted extension, such as .jpg or .png, and later modifying it to the .svg extension. The vulnerability assumes a trusted user will attack another trusted user and cannot be actively exploited without access to the administration panel and interaction from the other user.

Recommendations For versions prior to 3.7.5, update to version 3.7.5 to resolve the issue. As a temporary workaround, consider disabling the media.clean vectors configuration until the update is applied. Restrict access to the media manager to minimize the risk of exploitation. Avoid using the media manager to upload files with extensions that can be modified to .svg until the issue is resolved.