Public CVE-2017-1000196 disclosure

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.