Vulnerabilities > Octobercms > October > 3.4.16

DATE CVE VULNERABILITY TITLE RISK
2023-11-29 CVE-2023-44383 Cross-site Scripting vulnerability in Octobercms October
October is a Content Management System (CMS) and web platform to assist with development workflow.
network
low complexity
octobercms CWE-79
5.4
5.4
2023-09-28 CVE-2023-43876 Cross-site Scripting vulnerability in Octobercms October 3.4.16
A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.
network
low complexity
octobercms CWE-79
5.4
5.4