Vulnerabilities > Octobercms > October > 1.0.429
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-23 | CVE-2018-1999008 | Cross-site Scripting vulnerability in Octobercms October October CMS version prior to build 437 contains a Cross Site Scripting (XSS) vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content. | 3.5 |
| 2018-02-18 | CVE-2018-7198 | Cross-site Scripting vulnerability in Octobercms October October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page. | 4.3 |