Vulnerabilities > Octobercms > October > 1.0.436
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-23 | CVE-2018-1999008 | Cross-site Scripting vulnerability in Octobercms October October CMS version prior to build 437 contains a Cross Site Scripting (XSS) vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content. | 5.4 |