CVE-2020-5296

MEDIUM

OctoberCMS <1.0.466 - Privilege Escalation

Title source: llm

Description

In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466).

References (4)

[Patch, Third Party Advisory] https://github.com/octobercms/october/commit/2b8939cc8b5b6fe81e093fe2c9f883ada4e3c8cc

View Patch ZIP pw:eip

[Patch, Third Party Advisory] https://github.com/octobercms/october/security/advisories/GHSA-jv6v-fvvx-4932

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html

[Exploit, Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2020/Aug/2

Scores

CVSS v3 6.2

EPSS 0.0062

EPSS Percentile 70.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N

Details

CWE

CWE-610 CWE-73

Status published

Products (2)

october/cms 1.0.319 - 1.0.466Packagist

octobercms/october 1.0.319 - 1.0.466

Published Jun 03, 2020

Tracked Since Feb 18, 2026