 
                        We found results for “”
CVE-2021-41126
Date: October 6, 2021
October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the october/october package. There are no workarounds for this issue and all users should update.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
Improper Authentication
CWE-287CVSS v3.1
| Base Score: |  | 
|---|---|
| Attack Vector (AV): | NETWORK | 
| Attack Complexity (AC): | LOW | 
| Privileges Required (PR): | HIGH | 
| User Interaction (UI): | NONE | 
| Scope (S): | UNCHANGED | 
| Confidentiality (C): | HIGH | 
| Integrity (I): | HIGH | 
| Availability (A): | HIGH | 
CVSS v2
| Base Score: |  | 
|---|---|
| Access Vector (AV): | NETWORK | 
| Access Complexity (AC): | LOW | 
| Authentication (AU): | SINGLE | 
| Confidentiality (C): | PARTIAL | 
| Integrity (I): | PARTIAL | 
| Availability (A): | PARTIAL | 
| Additional information: | 
 Vulnerabilities
                        Vulnerabilities
                 Projects
                        Projects
                 Vulnerability Disclosure
                        Vulnerability Disclosure
                 About Us
                    About Us
                 Contact Us
                    Contact Us
                

