october/backend vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2021-21265Lowoctober/backend: October CMS vulnerable to Potential Host Header Poisoning on misconfigured serversCVE-2020-15249Lowoctober/backend: Stored XSS by authenticated backend user with access to upload filesCVE-2020-15248Lowoctober/backend: Privilege escalation by backend users assigned to the default "Publisher" system roleCVE-2020-11083Lowoctober/backend: Stored XSS in OctoberCVE-2020-4061Lowoctober/backend: Cross-site Scripting in OctoberCVE-2020-5299Mediumoctober/backend: Potential CSV Injection vector in OctoberCMSCVE-2020-5298Mediumoctober/backend: Reflected XSS when importing CSV in OctoberCMS

Stop the waste.
Protect your environment with Kodem.