Impact
An attacker can request an account password reset and then gain access to the account using a specially crafted request.
- To exploit this vulnerability, an attacker must know the username of an administrator and have access to the password reset form.
Patches
Workarounds
Apply octobercms/library@016a297 and octobercms/library@5bd1a28 to your installation manually if you are unable to upgrade.
[Update 2022-01-20] Shortened patch instructions can be found here.
Recommendations
We recommend the following steps to make sure your server stays secure:
- Keep server OS and system software up to date.
- Keep October CMS software up to date.
- Use a multi-factor authentication plugin.
- Change the default backend URL or block public access to the backend area.
- Include the Roave/SecurityAdvisories Composer package to ensure that your application doesn't have installed dependencies with known security vulnerabilities.
References
Bugs found as part of Solar Security CMS Research. Credits to:
• Andrey Basarygin
• Andrey Guzei
• Mikhail Khramenkov
• Alexander Sidukov
• Maxim Teplykh
For more information
If you have any questions or comments about this advisory:
Impact
An attacker can request an account password reset and then gain access to the account using a specially crafted request.
Patches
Workarounds
Apply octobercms/library@016a297 and octobercms/library@5bd1a28 to your installation manually if you are unable to upgrade.
[Update 2022-01-20] Shortened patch instructions can be found here.
Recommendations
We recommend the following steps to make sure your server stays secure:
References
Bugs found as part of Solar Security CMS Research. Credits to:
• Andrey Basarygin
• Andrey Guzei
• Mikhail Khramenkov
• Alexander Sidukov
• Maxim Teplykh
For more information
If you have any questions or comments about this advisory: