Filtered by vendor Silverstripe
Subscriptions
Total
85 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6164 | 1 Silverstripe | 1 Silverstripe | 2024-08-04 | 7.5 High |
| In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe application. There is no disclosure of the specific version. The functionality on this URL path is limited to execution in a CLI context, and is not known to present a vulnerability through web-based access. As a side-effect, this preconfigured path also blocks the creation of other resources on this path (e.g. a page). | ||||
| CVE-2021-41559 | 1 Silverstripe | 1 Silverstripe | 2024-08-04 | 6.5 Medium |
| Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document. | ||||
| CVE-2021-36150 | 1 Silverstripe | 1 Silverstripe | 2024-08-04 | 6.1 Medium |
| SilverStripe Framework through 4.8.1 allows XSS. | ||||
| CVE-2021-28661 | 1 Silverstripe | 1 Silverstripe | 2024-08-03 | 4.3 Medium |
| Default SilverStripe GraphQL Server (aka silverstripe/graphql) 3.x through 3.4.1 permission checker not inherited by query subclass. | ||||
| CVE-2022-42949 | 1 Silverstripe | 1 Subsites | 2024-08-03 | 7.5 High |
| Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions. | ||||
| CVE-2022-38724 | 1 Silverstripe | 3 Asset Admin, Assets, Framework | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS. | ||||
| CVE-2022-38462 | 1 Silverstripe | 1 Framework | 2024-08-03 | 6.1 Medium |
| Silverstripe silverstripe/framework through 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request. | ||||
| CVE-2022-38148 | 1 Silverstripe | 1 Framework | 2024-08-03 | 8.8 High |
| Silverstripe silverstripe/framework through 4.11 allows SQL Injection. | ||||
| CVE-2022-38147 | 1 Silverstripe | 1 Framework | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/framework through 4.11 allows XSS (issue 3 of 3). | ||||
| CVE-2022-38145 | 1 Silverstripe | 1 Framework | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 3) via remote attackers adding a Javascript payload to a page's meta description and get it executed in the versioned history compare view. | ||||
| CVE-2022-38146 | 1 Silverstripe | 1 Framework | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 of 3). | ||||
| CVE-2022-37430 | 1 Silverstripe | 1 Framework | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/framework through 4.11 allows XSS vulnerability via href attribute of a link (issue 2 of 2). | ||||
| CVE-2022-37421 | 1 Silverstripe | 1 Silverstripe | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/cms through 4.11.0 allows XSS. | ||||
| CVE-2022-37429 | 1 Silverstripe | 1 Framework | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 2) via JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters. | ||||
| CVE-2022-29858 | 1 Silverstripe | 1 Assets | 2024-08-03 | 4.3 Medium |
| Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content. | ||||
| CVE-2022-29254 | 1 Silverstripe | 1 Silverstripe-omnipay | 2024-08-03 | 3.7 Low |
| silverstripe-omnipay is a SilverStripe integration with Omnipay PHP payments library. For a subset of Omnipay gateways (those that use intermediary states like `isNotification()` or `isRedirect()`), if the payment identifier or success URL is exposed it is possible for payments to be prematurely marked as completed without payment being taken. This is mitigated by the fact that most payment gateways hide this information from users, however some issuing banks offer flawed 3DSecure implementations that may inadvertently expose this data. The following versions have been patched to fix this issue: `2.5.2`, `3.0.2`, `3.1.4`, and `3.2.1`. There are no known workarounds for this vulnerability. | ||||
| CVE-2022-28803 | 1 Silverstripe | 1 Silverstripe | 2024-08-03 | 5.4 Medium |
| In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR). | ||||
| CVE-2022-25238 | 1 Silverstripe | 1 Framework | 2024-08-03 | 5.4 Medium |
| Silverstripe silverstripe/framework through 4.10.0 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitise_server_side contig is not set to true in project code. | ||||
| CVE-2022-24444 | 1 Silverstripe | 1 Silverstripe | 2024-08-03 | 6.5 Medium |
| Silverstripe silverstripe/framework through 4.10 allows Session Fixation. | ||||
| CVE-2023-49783 | 1 Silverstripe | 1 Admin | 2024-08-02 | 4.3 Medium |
| Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don't have edit or delete permissions for records exposed in a `ModelAdmin` can still edit or delete records using the CSV import form, provided they have create permissions. The likelihood of a user having create permissions but not having edit or delete permissions is low, but it is possible. Note that this doesn't affect any `ModelAdmin` which has had the import form disabled via the `showImportForm` public property. Versions 1.13.19 and 2.1.8 contain a patch for the issue. Those who have a custom implementation of `BulkLoader` should update their implementations to respect permissions when the return value of `getCheckPermissions()` is true. Those who use any `BulkLoader` in their own project logic, or maintain a module which uses it, should consider passing `true` to `setCheckPermissions()` if the data is provided by users. | ||||