CVE advisoryKnown Exploit
CVE-2021-32648
October CMS Account Takeover Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in October CMS allows attackers to gain unauthorized account access through a crafted password reset request. This impacts organizations using affected versions of the october/system package, potentially compromising user data and system integrity. The realistic business risk involves unauthorized acces