October CMS Build 465 XSS / File Read / File Deletion / CSV Injection
Posted on 03 August 2020
October CMS builds 465 and below suffer from arbitrary file read, arbitrary file deletion, file uploading to arbitrary locations, persistent and reflective cross site scripting, and CSV injection vulnerabilities.