Medium severity6.1NVD Advisory· Published Nov 17, 2017· Updated Jun 17, 2026
CVE-2017-1000193
CVE-2017-1000193
Description
October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
october/octoberPackagist | < 1.0.413 | 1.0.413 |
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/octobercms/october/compare/v1.0.412...v1.0.413nvdPatchWEB
- github.com/advisories/GHSA-3p6c-9xhm-8x7hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000193ghsaADVISORY
News mentions
0No linked articles in our index yet.