Package impact
Packagist / october/rain
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15284 | medium | 5.4 | 6.4 | 9y ago | OctoberCMS Cross-Site Scripting | |||
| CVE-2026-25133 | medium | — | 5.5 | 2mo ago | October Rain has Stored XSS via SVG Filter Bypass | |||
| CVE-2026-25125 | medium | — | 5.5 | 2mo ago | October Rain has Environment Variable Exfiltration via INI Parser Interpolation |