
GHSA-79jw-2f46-wv22

GitHub Security Advisory

Authenticated remote code execution in October CMS

GitHub Reviewed · Severity: HIGH · Has CVE

Advisory Details

### Impact

An authenticated backend user who holds the permissions to create, modify and delete CMS pages can use this vulnerability to bypass safe mode (`cms.safe_mode` / `cms.enableSafeMode`) and execute arbitrary code on the server.

- This issue only affects installations that rely on safe mode and restricted backend permissions to keep page editors from executing code.
- Exploitation requires prior access to the backend area; an unauthenticated attacker cannot trigger it.

### Patches

The issue has been patched in Build 474 (v1.0.474) and v1.1.10.

### Workarounds

If you cannot upgrade to Build 474 or v1.1.10, apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe to your installation manually. Note that this commit lives in the octobercms/library repository (the october/rain package), not in october/system.

### References

Credits to:
- David Miller

### For more information

If you have any questions or comments about this advisory:
- Email us at [[email protected]](mailto:[email protected])

Affected Packages

Packagist october/system
Affected versions: >= 0, < 1.0.474 (fixed in 1.0.474)
Packagist october/system
Affected versions: >= 1.1.0, < 1.1.10 (fixed in 1.1.10)
Packagist october/system
Affected versions: >= 2.0.0, < 2.1.27 (fixed in 2.1.27)

The advisory text above names only the 1.0.474 and 1.1.10 fixes; the package data additionally lists the 2.0.x line as fixed in 2.1.27, so 2.x installations below that version should be treated as affected as well.
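The following is an added example, not code from the advisory or from October CMS, showing how to turn the three affected ranges above into an automated check against a project's composer.lock. It encodes the ranges as half-open intervals [first affected, first fixed), maps the advisory's "Build N" naming onto 1.0.N (an assumption based on the advisory's own "Build 474 (v1.0.474)" wording), and runs over a constructed composer.lock fragment embedded inline.

```python
"""Check an installed october/system version against GHSA-79jw-2f46-wv22.

Added example; not part of the advisory or of October CMS.
"""
import json
import re

# Affected ranges for Packagist october/system, copied from the advisory's
# "Affected Packages" section. Each entry is (first affected, first fixed),
# i.e. the half-open interval [first affected, first fixed).
AFFECTED_RANGES = [
    ("0", "1.0.474"),
    ("1.1.0", "1.1.10"),
    ("2.0.0", "2.1.27"),
]


def parse_version(version):
    """Turn 'v1.1.9', '1.0.474' or 'Build 474' into a comparable tuple of ints.

    'Build N' is mapped to 1.0.N, following the advisory's "Build 474
    (v1.0.474)" wording (assumption: every 'Build N' label is a 1.0.x release).
    Pre-release suffixes such as '-beta' are ignored for comparison purposes.
    """
    text = version.strip()
    build = re.match(r"^[Bb]uild\s+(\d+)$", text)
    if build:
        return (1, 0, int(build.group(1)))
    match = re.match(r"^v?(\d+(?:\.\d+)*)", text)
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_affected(version):
    """True if `version` lies inside any affected range of the advisory."""
    v = parse_version(version)
    return any(
        parse_version(low) <= v < parse_version(fixed)
        for low, fixed in AFFECTED_RANGES
    )


def installed_version_from_lock(lock_json, package="october/system"):
    """Return the locked version string of `package` from composer.lock text, or None."""
    lock = json.loads(lock_json)
    for section in ("packages", "packages-dev"):
        for entry in lock.get(section, []):
            if entry.get("name") == package:
                return entry.get("version")
    return None


def audit_lock(lock_json):
    """Return (installed_version, affected) for october/system in a composer.lock."""
    version = installed_version_from_lock(lock_json)
    if version is None:
        return None, False
    return version, is_affected(version)


# Constructed composer.lock fragment (not from any real installation) used to
# exercise the check; only the fields the audit reads are present.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "october/rain", "version": "v1.1.7"},
        {"name": "october/system", "version": "v1.1.9"},
    ],
    "packages-dev": [],
})


if __name__ == "__main__":
    version, affected = audit_lock(SAMPLE_LOCK)
    verdict = "AFFECTED, upgrade" if affected else "not in an affected range"
    print(f"october/system {version}: {verdict}")
```

Run it against a real lock file by replacing `SAMPLE_LOCK` with the contents of `composer.lock`; a version outside all three ranges (for example 1.0.474, 1.1.10 or 2.1.27 and later) is reported as not affected, while anything below the fixed version of its own line is flagged.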

Key Information

GHSA ID
GHSA-79jw-2f46-wv22
Published
February 23, 2022 9:08 PM
Last Modified
February 25, 2022 3:37 PM
CVSS Score
7.5 / 10
Primary Ecosystem
Packagist
Primary Package
october/system
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 27, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.