october/cms Security Advisories for v1.0.467 (2)
-
[MEDIUM] Twig Sandbox Escape by authenticated users with access to editing CMS templates when safemode is enabled.
PKSA-z91x-b3vy-fsjy CVE-2020-15247 GHSA-94vp-rmqv-5875
Affected version: >=1.0.319,<1.0.469
Reported by:
GitHub -
[HIGH] Local File Inclusion by unauthenticated users
PKSA-yyqx-h824-x5yv CVE-2020-15246 GHSA-xwjr-6fj7-fc6h
Affected version: >=1.0.421,<1.0.469
Reported by:
GitHub