Vulnerability: PHP Object Injection in October CMS Build 412 Asset Move Functionality

Vulnerability: PHP Object Injection in October CMS Build 412 Asset Move Functionality

CVE-2017-1000195 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissions on the server.

Learn more about our Cis Benchmark Audit For Server Software.