CVE-2021-32648

Summary

Account Takeover in Octobercms

Severity

high

EPSS

90.4% (p100)

Also known as

GHSA-mxr5-mc97-63rc

Published

2021-08-30

References

• https://github.com/octobercms/october/security/advisories/GHSA-mxr5-mc97-63rc
• https://nvd.nist.gov/vuln/detail/CVE-2021-32648
• https://github.com/octobercms/library/commit/016a297b1bec55d2e53bc889458ed2cb5c3e9374

Related advisories

• CVE-2026-26067 — medium · Packagist/october/system
• CVE-2026-24907 — medium · Packagist/october/system
• CVE-2026-24906 — medium · Packagist/october/system
• CVE-2025-61676 — medium · Packagist/october/system
• CVE-2025-61674 — medium · Packagist/october/system

Is your project exposed to this? Stateward checks every dependency on every pull request and flags it only if your code actually reaches it.

Summarize with AI

ChatGPTClaudePerplexity