Race Condition in October CMS upload process

October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the `fromData` method, an unauthenticated user can perform remote code execution (RCE) by exploiting a race condition in the temporary storage directory. This vulnerability affects plugins that expose the `October\Rain\Database\Attach\File::fromData` as a public interface and does not affect vanilla installations of October CMS since this method is not exposed or used by the system internally or externally. The issue has been patched in Build 476 (v1.0.476), v1.1.12, and v2.2.15. Those who are unable to upgrade may apply with patch to their installation manually as a workaround.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

使用共享资源的并发执行不恰当同步问题(竞争条件)

October CMS 竞争条件问题漏洞

October CMS是一套基于PHP和Laravel Web应用程序框架的开源内容管理系统（CMS）。 October CMS 的 October/System 1.0.476之前版本、1.1.12之前版本、2.2.15之前版本存在竞争条件问题漏洞。攻击者利用该漏洞执行远程代码。

N/A

N/A