Vulnerabilities > Octobercms > October > 3.2.0

DATE CVE VULNERABILITY TITLE RISK
2024-02-08 CVE-2023-25365 Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October 3.2.0
Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3
local
low complexity
octobercms CWE-434
7.8
7.8
2023-12-01 CVE-2023-44381 Code Injection vulnerability in Octobercms October
October is a Content Management System (CMS) and web platform to assist with development workflow.
network
low complexity
octobercms CWE-94
4.9
4.9
2023-12-01 CVE-2023-44382 Code Injection vulnerability in Octobercms October
October is a Content Management System (CMS) and web platform to assist with development workflow.
network
low complexity
octobercms CWE-94
critical
 9.1
9.1
2023-11-29 CVE-2023-44383 Cross-site Scripting vulnerability in Octobercms October
October is a Content Management System (CMS) and web platform to assist with development workflow.
network
low complexity
octobercms CWE-79
5.4
5.4