
Arbitrary File Deletion by authenticated backend user with cms.manage_assets permission

Moderate
LukeTowers published GHSA-jv6v-fvvx-4932 Jun 2, 2020

Package

composer october/cms (Composer)

Affected versions

>= 1.0.319, < 1.0.466

Patched versions

1.0.466

Description

Impact

An attacker can exploit this vulnerability to delete arbitrary local files on an October CMS server. The vulnerability is only exploitable by an authenticated backend user who holds the cms.manage_assets permission.
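The advisory does not describe the root cause, only the impact. As an added illustration of the defensive check that prevents this impact class (it is not October CMS code and not the upstream fix in 2b8939c), the following PHP confines an asset deletion to the assets directory. It assumes the common pattern behind arbitrary-file-deletion bugs in asset managers, namely a user-supplied relative path that is not confined to the directory it is meant to operate in; the function name, arguments and the temporary directory tree are constructed for the example.

```php
<?php
// Added example, not October CMS code: confine an asset deletion to the
// assets directory before calling unlink(). Assumption: the risk being
// mitigated is a user-controlled path that escapes the assets root.

declare(strict_types=1);

/**
 * Delete $relativePath only if it resolves to a regular file strictly inside
 * $assetsRoot. Returns true on deletion, false on any rejection.
 */
function deleteAssetSafely(string $assetsRoot, string $relativePath): bool
{
    // Reject embedded NUL bytes, which can truncate paths in lower layers.
    if (strpos($relativePath, "\0") !== false) {
        return false;
    }

    // Canonicalize the root; realpath() returns false if it does not exist.
    $root = realpath($assetsRoot);
    if ($root === false || !is_dir($root)) {
        return false;
    }

    // Resolve the candidate. realpath() collapses "../" segments and follows
    // symlinks, so the containment check is made on the real target rather
    // than on the textual path the caller supplied.
    $candidate = realpath($root . DIRECTORY_SEPARATOR . $relativePath);
    if ($candidate === false) {
        return false; // nothing to delete; no traversal probe is confirmed either
    }

    // The resolved file must sit below the root. Comparing against the root
    // plus a trailing separator prevents "/var/assets" from matching a sibling
    // such as "/var/assets-old".
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return false;
    }

    if (!is_file($candidate)) {
        return false; // refuse directories, devices and other non-regular files
    }

    return unlink($candidate);
}

// --- constructed demonstration on a throwaway temporary directory tree ---
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'asset-demo-' . bin2hex(random_bytes(4));
mkdir($base . '/assets/css', 0700, true);
file_put_contents($base . '/assets/css/site.css', 'body{}');
file_put_contents($base . '/secret.txt', 'not an asset');

// A legitimate asset inside the root is deleted.
var_dump(deleteAssetSafely($base . '/assets', 'css/site.css'));

// A path that escapes the root is rejected and the file outside survives.
var_dump(deleteAssetSafely($base . '/assets', '../secret.txt'));
var_dump(file_exists($base . '/secret.txt'));
```

Run with `php` on the command line: the first call succeeds, the second is refused, and `secret.txt` still exists afterwards. The order of the checks matters: canonicalizing with realpath() before the prefix comparison is what makes symlinked or `..`-containing inputs resolve to their real target, and the trailing-separator prefix avoids the sibling-directory mistake that a bare `str_starts_with($candidate, $root)` would make.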

Patches

The issue has been patched in Build 466 (v1.0.466).

Workarounds

Apply commit 2b8939c to your installation manually if you are unable to upgrade to Build 466.

References

Reported by Sivanesh Ashok

For more information

If you have any questions or comments about this advisory:

Threat assessment: (provided as a screenshot in the original advisory; no text is recoverable)

Severity

Moderate

CVE ID

CVE-2020-5296

Weaknesses

No CWEs

Credits