Loading
Generated remediation guidance and an executive summary. No account required.
Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3
Use CWE-434, Octobercms vendor hub and October product page to widen CVE-2023-25365 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-61676, CVE-2025-61674 and CVE-2024-25837 for nearby disclosures in the same product family.