CVE-2023-44383

CVSS V2 None CVSS V3 None
Description
October is a Content Management System (CMS) and web platform to assist with development workflow. A user with access to the media manager that stores SVG files could create a stored XSS attack against themselves and any other user with access to the media manager when SVG files are supported. This issue has been patched in version 3.5.2.
Overview
  • CVE ID
  • CVE-2023-44383
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-11-29T19:57:38.263Z
  • Last Modified Date
  • 2023-11-29T19:57:38.263Z
History
Created Old Value New Value Data Type Notes
2024-06-25 12:12:59 Added to TrackCVE