CVE-2020-15247 — MEDIUM (5.2)

Q: How severe is CVE-2020-15247?

CVE-2020-15247 has been rated MEDIUM with a CVSS base score of 5.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-15247?

Check the references section above for vendor advisories and patch information. Affected products include: Octobercms October.

Vulnerability Description

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to cms.enableSafeMode being enabled is able to write specific Twig code to escape the Twig sandbox and execute arbitrary PHP. This is not a problem for anyone that trusts their users with those permissions to normally write & manage PHP within the CMS by not having cms.enableSafeMode enabled, but would be a problem for anyone relying on cms.enableSafeMode to ensure that users with those permissions in production do not have access to write & execute arbitrary PHP. Issue has been patched in Build 469 (v1.0.469) and v1.1.0.

CVSS Score

5.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Octobercms	October	>= 1.0.319, < 1.0.469

Related Weaknesses (CWE)

CWE-862

References

https://github.com/octobercms/october/commit/4c650bb775ab849e48202a4923bac93bd74PatchThird Party Advisory
https://github.com/octobercms/october/security/advisories/GHSA-94vp-rmqv-5875Third Party Advisory
https://github.com/octobercms/october/commit/4c650bb775ab849e48202a4923bac93bd74PatchThird Party Advisory
https://github.com/octobercms/october/security/advisories/GHSA-94vp-rmqv-5875Third Party Advisory

FAQ

What is CVE-2020-15247?

CVE-2020-15247 is a vulnerability with a CVSS score of 5.2 (MEDIUM). October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms....

How severe is CVE-2020-15247?

CVE-2020-15247 has been rated MEDIUM with a CVSS base score of 5.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-15247?

Check the references section above for vendor advisories and patch information. Affected products include: Octobercms October.