CVSS: 6.7 | EPSS: 0% | CPEs: 2 | EXPL: 0
CVE-2020-26231 – Bypass of fix for CVE-2020-15247, Twig sandbox escape
https://notcve.org/view.php?id=CVE-2020-26231
23 Nov 2020 — October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-15247 (fixed in 1.0.469 and 1.1.0) was discovered that has the same impact as CVE-2020-15247. An authenticated backend user with the cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to cms.enableSafeMode being enabled is able to write specific Twig code to escape the Twig sandbox and exe...
• https://github.com/octobercms/october/commit/d34fb8ab51108495a9a651b841202d935f4e12f7
• CWE-862: Missing Authorization