Deleted Admin Can Sign in to Admin Interface

Moderate
daftspunk published GHSA-6gjf-7w99-j7x7 Oct 6, 2021

Package

october/system (Composer)

Affected versions

>2.1

Patched versions

2.1.12

Description

Impact

An administrator who previously had access to the admin interface may still be able to sign in to the backend after their account has been deleted, using October CMS v2.0.

Patches

The issue has been patched in v2.1.12.

Workarounds

  • Reset the password of the deleted accounts to prevent them from signing in.

  • Please contact hello@octobercms.com for code change instructions if you are unable to upgrade.

References

Credits to:
• Daniel Bidala

For more information

If you have any questions or comments about this advisory:

Severity

Moderate

CVE ID

CVE-2021-41126

Weaknesses

No CWEs