CVE-2024-25637

LOW3.1EPSS 0.82%

October System module has a Reflected XSS via X-October-Request-Handler Header

Published: 6/26/2024Modified: 6/26/2024

Description

### Impact The X-October-Request-Handler Header does not sanitize the AJAX handler name and allows unescaped HTML to be reflected back. There is no impact since this vulnerability cannot be exploited through normal browser interactions. This unescaped value is only detectable when using a proxy interception tool. ### Patches This issue has been patched in v3.5.15. ### References Credits to: - [Mayank Mehra](mailto:[email protected]) ### For more information If you have any questions or comments about this advisory: * Email us at [[email protected]](mailto:[email protected])

Affected packages (1)

Packagist/october/system>= 3.2, < 3.5.15

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	LOW3.1	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

References (3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-25637
PATCHhttps://github.com/octobercms/october
WEBhttps://github.com/octobercms/october/security/advisories/GHSA-rjw8-v7rr-r563