october/backend Security Advisories for v1.0.469 (2)
-
[LOW] Potential Host Header Poisoning on misconfigured servers
PKSA-qdcz-hc2r-sgmp CVE-2021-21265 GHSA-xhfx-hgmf-v6vp
Affected version: <1.1.2
Reported by:
GitHub -
[LOW] Privilege escalation by backend users assigned to the default "Publisher" system role
PKSA-n1yr-6tth-9x9n CVE-2020-15248 GHSA-rfjc-xrmf-5vvw
Affected version: >=1.0.319,<1.0.470
Reported by:
GitHub