Arbitrary Code Execution via Cross Site Scripting (XSS) Vulnerability in October CMS v3.2.0 with .mp3 File Type

Arbitrary Code Execution via Cross Site Scripting (XSS) Vulnerability in October CMS v3.2.0 with .mp3 File Type

CVE-2023-25365 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3

Learn more about our Cms Pen Testing.