October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.
octobercms october