Security Advisory

CVE-2021-32648

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-26 19:00:12

Last updated 2025-10-21 23:25:36

Assigner GitHub_M

State PUBLISHED

Description

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.

← Browse all CVEs View on cve.org ↗