Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/silverstripe/framework@3.4.4-rc1
Typecomposer
Namespacesilverstripe
Nameframework
Version3.4.4-rc1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.3.23
Latest_non_vulnerable_version6.0.0-alpha1
Affected_by_vulnerabilities
0
url VCID-2b81-t1vt-3uar
vulnerability_id VCID-2b81-t1vt-3uar
summary silverstripe/framework member disclosure in login form
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-002-1.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-002-1.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/f71efb5063c57d823dd130b9bfd018f6ef903d49
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/f71efb5063c57d823dd130b9bfd018f6ef903d49
3
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-002
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2017-002
4
reference_url https://github.com/advisories/GHSA-g84q-cq55-xwgp
reference_id GHSA-g84q-cq55-xwgp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g84q-cq55-xwgp
fixed_packages
0
url pkg:composer/silverstripe/framework@3.4.6
purl pkg:composer/silverstripe/framework@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-89jy-34ks-5kds
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-k1aa-deyg-2kdg
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-k6ed-y2ud-wffu
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-m2bw-tabk-qyd8
22
vulnerability VCID-mvra-6wnv-xya1
23
vulnerability VCID-nzdu-xh5w-27g7
24
vulnerability VCID-pq7w-n99a-q7cj
25
vulnerability VCID-qrhh-c86j-rqe6
26
vulnerability VCID-tp75-2k7m-6yaw
27
vulnerability VCID-txyu-4qkf-r3cs
28
vulnerability VCID-vrv4-sy3z-jfe2
29
vulnerability VCID-x6g5-a61e-3khu
30
vulnerability VCID-xazf-vmz5-r3dj
31
vulnerability VCID-ywfx-pjg6-aqcj
32
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.6
1
url pkg:composer/silverstripe/framework@3.5.4
purl pkg:composer/silverstripe/framework@3.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hp6e-75gr-uuan
18
vulnerability VCID-hsfb-xx67-7qg6
19
vulnerability VCID-k1aa-deyg-2kdg
20
vulnerability VCID-k2xa-uwrr-ffez
21
vulnerability VCID-k6ed-y2ud-wffu
22
vulnerability VCID-k8vz-xw7w-e3dg
23
vulnerability VCID-kcq9-5h99-abct
24
vulnerability VCID-m2bw-tabk-qyd8
25
vulnerability VCID-mvra-6wnv-xya1
26
vulnerability VCID-nzdu-xh5w-27g7
27
vulnerability VCID-pq7w-n99a-q7cj
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-tp75-2k7m-6yaw
30
vulnerability VCID-txyu-4qkf-r3cs
31
vulnerability VCID-vrv4-sy3z-jfe2
32
vulnerability VCID-x6g5-a61e-3khu
33
vulnerability VCID-xazf-vmz5-r3dj
34
vulnerability VCID-yhh9-rkh9-rqeu
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.4
aliases GHSA-g84q-cq55-xwgp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2b81-t1vt-3uar
1
url VCID-2uck-cp19-v3e9
vulnerability_id VCID-2uck-cp19-v3e9
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37421
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55469
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37421
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://www.silverstripe.org/blog/tag/release
3
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
4
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://www.silverstripe.org/download/security-releases/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-37421
reference_id CVE-2022-37421
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-37421
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2022-37421
reference_id CVE-2022-37421
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2022-37421
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2022-37421
reference_id CVE-2022-37421
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://www.silverstripe.org/download/security-releases/CVE-2022-37421
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/CVE-2022-37421.yaml
reference_id CVE-2022-37421.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/CVE-2022-37421.yaml
9
reference_url https://github.com/advisories/GHSA-pp74-g2q5-j4jf
reference_id GHSA-pp74-g2q5-j4jf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pp74-g2q5-j4jf
fixed_packages
0
url pkg:composer/silverstripe/framework@4.11.3
purl pkg:composer/silverstripe/framework@4.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-4vmq-kug8-dug8
3
vulnerability VCID-adng-1x6w-2baj
4
vulnerability VCID-d1ap-2u1x-y7gg
5
vulnerability VCID-d6gt-9mst-dub4
6
vulnerability VCID-ewqs-8fqc-b3hk
7
vulnerability VCID-gr5g-7tkc-2kfa
8
vulnerability VCID-k2xa-uwrr-ffez
9
vulnerability VCID-kcq9-5h99-abct
10
vulnerability VCID-nzdu-xh5w-27g7
11
vulnerability VCID-txyu-4qkf-r3cs
12
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.11.3
aliases CVE-2022-37421, GHSA-pp74-g2q5-j4jf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2uck-cp19-v3e9
2
url VCID-3497-71mw-yqh8
vulnerability_id VCID-3497-71mw-yqh8
summary SilverStripe allowss Reflected SQL Injection through Form and `DataObject`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-5715
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55522
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-5715
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-5715.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-5715.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/issues/8814
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/issues/8814
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-5715
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-5715
5
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
6
reference_url https://www.silverstripe.org/download/security-releases/ss-2018-021
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2018-021
fixed_packages
0
url pkg:composer/silverstripe/framework@3.6.7
purl pkg:composer/silverstripe/framework@3.6.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-8z35-2baj-cqdb
7
vulnerability VCID-9vwe-uejx-c3c5
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-djww-2v4e-qkb2
13
vulnerability VCID-ewqs-8fqc-b3hk
14
vulnerability VCID-fn6y-hytc-r3b5
15
vulnerability VCID-gr5g-7tkc-2kfa
16
vulnerability VCID-k1aa-deyg-2kdg
17
vulnerability VCID-k2xa-uwrr-ffez
18
vulnerability VCID-k6ed-y2ud-wffu
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-m2bw-tabk-qyd8
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-tp75-2k7m-6yaw
25
vulnerability VCID-txyu-4qkf-r3cs
26
vulnerability VCID-x6g5-a61e-3khu
27
vulnerability VCID-ywfx-pjg6-aqcj
28
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.7
1
url pkg:composer/silverstripe/framework@3.7.3
purl pkg:composer/silverstripe/framework@3.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-fn6y-hytc-r3b5
14
vulnerability VCID-gr5g-7tkc-2kfa
15
vulnerability VCID-k1aa-deyg-2kdg
16
vulnerability VCID-k2xa-uwrr-ffez
17
vulnerability VCID-k6ed-y2ud-wffu
18
vulnerability VCID-kcq9-5h99-abct
19
vulnerability VCID-m2bw-tabk-qyd8
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-tp75-2k7m-6yaw
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-x6g5-a61e-3khu
26
vulnerability VCID-ywfx-pjg6-aqcj
27
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.7.3
2
url pkg:composer/silverstripe/framework@4.0.7
purl pkg:composer/silverstripe/framework@4.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-4vmq-kug8-dug8
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d62k-jng6-5fd8
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-dgmv-7v1e-k3b9
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-ewqs-8fqc-b3hk
18
vulnerability VCID-fn6y-hytc-r3b5
19
vulnerability VCID-gr5g-7tkc-2kfa
20
vulnerability VCID-hj46-jp5w-ckd1
21
vulnerability VCID-jc9t-3hb5-z3g5
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-kcq9-5h99-abct
24
vulnerability VCID-m2bw-tabk-qyd8
25
vulnerability VCID-mvra-6wnv-xya1
26
vulnerability VCID-nzdu-xh5w-27g7
27
vulnerability VCID-qrhh-c86j-rqe6
28
vulnerability VCID-txyu-4qkf-r3cs
29
vulnerability VCID-x6g5-a61e-3khu
30
vulnerability VCID-ywfx-pjg6-aqcj
31
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.7
3
url pkg:composer/silverstripe/framework@4.1.5
purl pkg:composer/silverstripe/framework@4.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-4vmq-kug8-dug8
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8bkg-xn4y-nydr
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d62k-jng6-5fd8
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-dgmv-7v1e-k3b9
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-hj46-jp5w-ckd1
22
vulnerability VCID-jc9t-3hb5-z3g5
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-txyu-4qkf-r3cs
30
vulnerability VCID-x6g5-a61e-3khu
31
vulnerability VCID-ywfx-pjg6-aqcj
32
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.5
4
url pkg:composer/silverstripe/framework@4.2.4
purl pkg:composer/silverstripe/framework@4.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-4vmq-kug8-dug8
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8bkg-xn4y-nydr
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d62k-jng6-5fd8
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-dgmv-7v1e-k3b9
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-hj46-jp5w-ckd1
22
vulnerability VCID-jc9t-3hb5-z3g5
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-txyu-4qkf-r3cs
30
vulnerability VCID-x6g5-a61e-3khu
31
vulnerability VCID-ywfx-pjg6-aqcj
32
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.4
5
url pkg:composer/silverstripe/framework@4.3.1
purl pkg:composer/silverstripe/framework@4.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-4vmq-kug8-dug8
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8bkg-xn4y-nydr
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d62k-jng6-5fd8
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-dgmv-7v1e-k3b9
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-hj46-jp5w-ckd1
22
vulnerability VCID-jc9t-3hb5-z3g5
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-txyu-4qkf-r3cs
30
vulnerability VCID-x6g5-a61e-3khu
31
vulnerability VCID-ywfx-pjg6-aqcj
32
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.1
aliases CVE-2019-5715, GHSA-wvfw-w3x6-g526
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3497-71mw-yqh8
3
url VCID-4mg2-rjsn-qyfx
vulnerability_id VCID-4mg2-rjsn-qyfx
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12203
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17126
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12203
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/silverstripe/silverstripe-framework/blob/4/docs/en/04_Changelogs/4.4.4.md#444
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/blob/4/docs/en/04_Changelogs/4.4.4.md#444
3
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
4
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12203
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12203
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12203
reference_id CVE-2019-12203
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12203
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12203/
reference_id CVE-2019-12203
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2019-12203/
8
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12203
reference_id CVE-2019-12203
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12203
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12203.yaml
reference_id CVE-2019-12203.YAML
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12203.yaml
10
reference_url https://github.com/advisories/GHSA-w7r7-r8r9-vrg2
reference_id GHSA-w7r7-r8r9-vrg2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w7r7-r8r9-vrg2
fixed_packages
0
url pkg:composer/silverstripe/framework@3.6.8
purl pkg:composer/silverstripe/framework@3.6.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-8z35-2baj-cqdb
7
vulnerability VCID-9vwe-uejx-c3c5
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-djww-2v4e-qkb2
13
vulnerability VCID-ewqs-8fqc-b3hk
14
vulnerability VCID-fn6y-hytc-r3b5
15
vulnerability VCID-gr5g-7tkc-2kfa
16
vulnerability VCID-k1aa-deyg-2kdg
17
vulnerability VCID-k2xa-uwrr-ffez
18
vulnerability VCID-k6ed-y2ud-wffu
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-m2bw-tabk-qyd8
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-tp75-2k7m-6yaw
25
vulnerability VCID-txyu-4qkf-r3cs
26
vulnerability VCID-x6g5-a61e-3khu
27
vulnerability VCID-ywfx-pjg6-aqcj
28
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.8
1
url pkg:composer/silverstripe/framework@3.7.4
purl pkg:composer/silverstripe/framework@3.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-fn6y-hytc-r3b5
14
vulnerability VCID-gr5g-7tkc-2kfa
15
vulnerability VCID-k1aa-deyg-2kdg
16
vulnerability VCID-k2xa-uwrr-ffez
17
vulnerability VCID-k6ed-y2ud-wffu
18
vulnerability VCID-kcq9-5h99-abct
19
vulnerability VCID-m2bw-tabk-qyd8
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-tp75-2k7m-6yaw
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-x6g5-a61e-3khu
26
vulnerability VCID-ywfx-pjg6-aqcj
27
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.7.4
2
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
3
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
4
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12203, GHSA-w7r7-r8r9-vrg2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mg2-rjsn-qyfx
4
url VCID-4qq2-bbj1-8fdb
vulnerability_id VCID-4qq2-bbj1-8fdb
summary 
Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message
> [!IMPORTANT]
> This vulnerability only affects sites which are in the "dev" environment mode. If your production website is in "dev" mode, it has been misconfigured, and you should immediately swap it to "live" mode.
> See https://docs.silverstripe.org/en/developer_guides/debugging/environment_types/ for more information.

If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.

## References

- https://www.silverstripe.org/download/security-releases/ss-2024-002

## Reported by

Gaurav Nayak from [Chaleit](https://chaleit.com/)
references
0
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
1
reference_url https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8
2
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q
3
reference_url https://www.silverstripe.org/download/security-releases/ss-2024-002
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2024-002
4
reference_url https://github.com/advisories/GHSA-mqf3-qpc3-g26q
reference_id GHSA-mqf3-qpc3-g26q
reference_type
scores
url https://github.com/advisories/GHSA-mqf3-qpc3-g26q
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
1
url pkg:composer/silverstripe/framework@6.0.0-alpha1
purl pkg:composer/silverstripe/framework@6.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1
aliases GHSA-mqf3-qpc3-g26q
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qq2-bbj1-8fdb
5
url VCID-5ccd-zu9e-yfgp
vulnerability_id VCID-5ccd-zu9e-yfgp
summary Business Logic Errors in GitHub repository silverstripe/silverstripe-framework
references
0
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
1
reference_url https://github.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2
2
reference_url https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0227
reference_id CVE-2022-0227
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0227
4
reference_url https://github.com/advisories/GHSA-32m2-9f76-4gv8
reference_id GHSA-32m2-9f76-4gv8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-32m2-9f76-4gv8
fixed_packages
0
url pkg:composer/silverstripe/framework@4.10.1
purl pkg:composer/silverstripe/framework@4.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5j19-xx5v-fkck
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-adng-1x6w-2baj
7
vulnerability VCID-d1ap-2u1x-y7gg
8
vulnerability VCID-d6gt-9mst-dub4
9
vulnerability VCID-ewqs-8fqc-b3hk
10
vulnerability VCID-gr5g-7tkc-2kfa
11
vulnerability VCID-hj46-jp5w-ckd1
12
vulnerability VCID-k2xa-uwrr-ffez
13
vulnerability VCID-kcq9-5h99-abct
14
vulnerability VCID-nzdu-xh5w-27g7
15
vulnerability VCID-txyu-4qkf-r3cs
16
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.10.1
aliases CVE-2022-0227, GHSA-32m2-9f76-4gv8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ccd-zu9e-yfgp
6
url VCID-7kmy-8ht6-8fcw
vulnerability_id VCID-7kmy-8ht6-8fcw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12245
reference_id
reference_type
scores
0
value 0.00255
scoring_system epss
scoring_elements 0.4898
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12245
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
3
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12245
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12245
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12245
reference_id CVE-2019-12245
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12245
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12245/
reference_id CVE-2019-12245
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2019-12245/
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12245
reference_id CVE-2019-12245
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12245
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/assets/CVE-2019-12245.yaml
reference_id CVE-2019-12245.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/assets/CVE-2019-12245.yaml
9
reference_url https://github.com/advisories/GHSA-jvx5-rm6q-gx7p
reference_id GHSA-jvx5-rm6q-gx7p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jvx5-rm6q-gx7p
fixed_packages
0
url pkg:composer/silverstripe/framework@3.6.8
purl pkg:composer/silverstripe/framework@3.6.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-8z35-2baj-cqdb
7
vulnerability VCID-9vwe-uejx-c3c5
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-djww-2v4e-qkb2
13
vulnerability VCID-ewqs-8fqc-b3hk
14
vulnerability VCID-fn6y-hytc-r3b5
15
vulnerability VCID-gr5g-7tkc-2kfa
16
vulnerability VCID-k1aa-deyg-2kdg
17
vulnerability VCID-k2xa-uwrr-ffez
18
vulnerability VCID-k6ed-y2ud-wffu
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-m2bw-tabk-qyd8
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-tp75-2k7m-6yaw
25
vulnerability VCID-txyu-4qkf-r3cs
26
vulnerability VCID-x6g5-a61e-3khu
27
vulnerability VCID-ywfx-pjg6-aqcj
28
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.8
1
url pkg:composer/silverstripe/framework@3.7.4
purl pkg:composer/silverstripe/framework@3.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-fn6y-hytc-r3b5
14
vulnerability VCID-gr5g-7tkc-2kfa
15
vulnerability VCID-k1aa-deyg-2kdg
16
vulnerability VCID-k2xa-uwrr-ffez
17
vulnerability VCID-k6ed-y2ud-wffu
18
vulnerability VCID-kcq9-5h99-abct
19
vulnerability VCID-m2bw-tabk-qyd8
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-tp75-2k7m-6yaw
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-x6g5-a61e-3khu
26
vulnerability VCID-ywfx-pjg6-aqcj
27
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.7.4
2
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
3
url pkg:composer/silverstripe/framework@4.3.6
purl pkg:composer/silverstripe/framework@4.3.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.6
4
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12245, GHSA-jvx5-rm6q-gx7p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7kmy-8ht6-8fcw
7
url VCID-89jy-34ks-5kds
vulnerability_id VCID-89jy-34ks-5kds
summary 
Incorrect Authorization
Default SilverStripe GraphQL Server (aka silverstripe/graphql) permission checker is not inherited by query subclass.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28661
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.37777
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28661
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2021-28661.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2021-28661.yaml
2
reference_url https://github.com/silverstripe/silverstripe-graphql
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql
3
reference_url https://github.com/silverstripe/silverstripe-graphql/pull/407/commits/16961459f681f7b32145296189dfdbcc7715e6ed
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql/pull/407/commits/16961459f681f7b32145296189dfdbcc7715e6ed
4
reference_url https://github.com/silverstripe/silverstripe-graphql/releases
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql/releases
5
reference_url https://github.com/silverstripe/silverstripe-graphql/releases/tag/3.5.2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql/releases/tag/3.5.2
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-28661
reference_id CVE-2021-28661
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-28661
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2021-28661
reference_id CVE-2021-28661
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2021-28661
8
reference_url https://github.com/advisories/GHSA-r7rh-g777-g5gx
reference_id GHSA-r7rh-g777-g5gx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r7rh-g777-g5gx
fixed_packages
0
url pkg:composer/silverstripe/framework@3.5.2
purl pkg:composer/silverstripe/framework@3.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2b81-t1vt-3uar
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hp6e-75gr-uuan
19
vulnerability VCID-hsfb-xx67-7qg6
20
vulnerability VCID-k1aa-deyg-2kdg
21
vulnerability VCID-k2xa-uwrr-ffez
22
vulnerability VCID-k6ed-y2ud-wffu
23
vulnerability VCID-k8vz-xw7w-e3dg
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-s4vd-dw41-wkgn
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-v5s9-xp16-2udf
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-yhh9-rkh9-rqeu
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.2
aliases CVE-2021-28661, GHSA-r7rh-g777-g5gx
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-89jy-34ks-5kds
8
url VCID-8csb-m7rv-xyh2
vulnerability_id VCID-8csb-m7rv-xyh2
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41559
reference_id
reference_type
scores
0
value 0.00348
scoring_system epss
scoring_elements 0.57606
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41559
1
reference_url https://github.com/silverstripe/silverstripe-framework/releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases
2
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
3
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41559
reference_id CVE-2021-41559
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41559
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2021-41559
reference_id CVE-2021-41559
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2021-41559
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2021-41559.yaml
reference_id CVE-2021-41559.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2021-41559.yaml
7
reference_url https://github.com/advisories/GHSA-9fmg-89fx-r33w
reference_id GHSA-9fmg-89fx-r33w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9fmg-89fx-r33w
fixed_packages
0
url pkg:composer/silverstripe/framework@4.10.9
purl pkg:composer/silverstripe/framework@4.10.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-adng-1x6w-2baj
5
vulnerability VCID-d1ap-2u1x-y7gg
6
vulnerability VCID-d6gt-9mst-dub4
7
vulnerability VCID-ewqs-8fqc-b3hk
8
vulnerability VCID-gr5g-7tkc-2kfa
9
vulnerability VCID-k2xa-uwrr-ffez
10
vulnerability VCID-kcq9-5h99-abct
11
vulnerability VCID-nzdu-xh5w-27g7
12
vulnerability VCID-txyu-4qkf-r3cs
13
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.10.9
1
url pkg:composer/silverstripe/framework@4.11.0-beta1
purl pkg:composer/silverstripe/framework@4.11.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-adng-1x6w-2baj
4
vulnerability VCID-d1ap-2u1x-y7gg
5
vulnerability VCID-d6gt-9mst-dub4
6
vulnerability VCID-ewqs-8fqc-b3hk
7
vulnerability VCID-gr5g-7tkc-2kfa
8
vulnerability VCID-k2xa-uwrr-ffez
9
vulnerability VCID-kcq9-5h99-abct
10
vulnerability VCID-nzdu-xh5w-27g7
11
vulnerability VCID-txyu-4qkf-r3cs
12
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.11.0-beta1
aliases CVE-2021-41559, GHSA-9fmg-89fx-r33w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8csb-m7rv-xyh2
9
url VCID-9vwe-uejx-c3c5
vulnerability_id VCID-9vwe-uejx-c3c5
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12246
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36012
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12246
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12246.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12246.yaml
3
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
4
reference_url https://github.com/silverstripe/silverstripe-framework/commit/ca56e8d78e468874b9267c94d8ec75240b6da0ab
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/ca56e8d78e468874b9267c94d8ec75240b6da0ab
5
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
6
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12246
reference_id CVE-2019-12246
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12246
8
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12246
reference_id CVE-2019-12246
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12246
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.4.0
purl pkg:composer/silverstripe/framework@4.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-4vmq-kug8-dug8
5
vulnerability VCID-4ywc-gcvd-73a9
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-5j19-xx5v-fkck
8
vulnerability VCID-7kmy-8ht6-8fcw
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d62k-jng6-5fd8
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-dgmv-7v1e-k3b9
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-ewqs-8fqc-b3hk
18
vulnerability VCID-fn6y-hytc-r3b5
19
vulnerability VCID-gr5g-7tkc-2kfa
20
vulnerability VCID-hj46-jp5w-ckd1
21
vulnerability VCID-jc9t-3hb5-z3g5
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-txyu-4qkf-r3cs
30
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.0
aliases CVE-2019-12246, GHSA-5fr8-xhqq-4p3q
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vwe-uejx-c3c5
10
url VCID-adng-1x6w-2baj
vulnerability_id VCID-adng-1x6w-2baj
summary 
Improper Input Validation
Silverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml
1
reference_url https://github.com/github/advisory-database/pull/2575
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/2575
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4
4
reference_url https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14
5
reference_url https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13
6
reference_url https://www.silverstripe.org/download/security-releases/CVE-2023-32302
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2023-32302
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-32302
reference_id CVE-2023-32302
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-32302
8
reference_url https://github.com/advisories/GHSA-36xx-7vf6-7mv3
reference_id GHSA-36xx-7vf6-7mv3
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-36xx-7vf6-7mv3
9
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3
reference_id GHSA-36xx-7vf6-7mv3
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3
fixed_packages
0
url pkg:composer/silverstripe/framework@4.13.14
purl pkg:composer/silverstripe/framework@4.13.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-txyu-4qkf-r3cs
8
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.14
1
url pkg:composer/silverstripe/framework@5.0.13
purl pkg:composer/silverstripe/framework@5.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-txyu-4qkf-r3cs
8
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.0.13
aliases CVE-2023-32302, GHSA-36xx-7vf6-7mv3
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-adng-1x6w-2baj
11
url VCID-cskj-c9ur-47dj
vulnerability_id VCID-cskj-c9ur-47dj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26136
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.44161
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26136
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2020-26136.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2020-26136.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26136
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26136
4
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
5
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
6
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2020-26136
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2020-26136
8
reference_url https://github.com/advisories/GHSA-mg2g-8pwj-r2j2
reference_id GHSA-mg2g-8pwj-r2j2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mg2g-8pwj-r2j2
fixed_packages
0
url pkg:composer/silverstripe/framework@4.6.0
purl pkg:composer/silverstripe/framework@4.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0
aliases CVE-2020-26136, GHSA-mg2g-8pwj-r2j2
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cskj-c9ur-47dj
12
url VCID-d1ap-2u1x-y7gg
vulnerability_id VCID-d1ap-2u1x-y7gg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-53277
reference_id
reference_type
scores
0
value 0.01074
scoring_system epss
scoring_elements 0.78068
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-53277
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/
url https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00
4
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-53277
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-53277
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2024-53277
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/
url https://www.silverstripe.org/download/security-releases/cve-2024-53277
7
reference_url https://github.com/advisories/GHSA-ff6q-3c9c-6cf5
reference_id GHSA-ff6q-3c9c-6cf5
reference_type
scores
url https://github.com/advisories/GHSA-ff6q-3c9c-6cf5
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
1
url pkg:composer/silverstripe/framework@6.0.0-alpha1
purl pkg:composer/silverstripe/framework@6.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1
aliases CVE-2024-53277, GHSA-ff6q-3c9c-6cf5
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1ap-2u1x-y7gg
13
url VCID-d6gt-9mst-dub4
vulnerability_id VCID-d6gt-9mst-dub4
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32981
reference_id
reference_type
scores
0
value 0.0105
scoring_system epss
scoring_elements 0.77841
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32981
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/
url https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-32981
reference_id CVE-2024-32981
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-32981
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2024-32981
reference_id CVE-2024-32981
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/
url https://www.silverstripe.org/download/security-releases/cve-2024-32981
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml
reference_id CVE-2024-32981.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml
6
reference_url https://github.com/advisories/GHSA-chx7-9x8h-r5mg
reference_id GHSA-chx7-9x8h-r5mg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-chx7-9x8h-r5mg
7
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg
reference_id GHSA-chx7-9x8h-r5mg
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg
fixed_packages
0
url pkg:composer/silverstripe/framework@5.2.16
purl pkg:composer/silverstripe/framework@5.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-ewqs-8fqc-b3hk
4
vulnerability VCID-kcq9-5h99-abct
5
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16
aliases CVE-2024-32981, GHSA-chx7-9x8h-r5mg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gt-9mst-dub4
14
url VCID-djww-2v4e-qkb2
vulnerability_id VCID-djww-2v4e-qkb2
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26138
reference_id
reference_type
scores
0
value 0.00292
scoring_system epss
scoring_elements 0.52834
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26138
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
url https://www.silverstripe.org/blog/tag/release
3
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26138
reference_id CVE-2020-26138
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26138
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2020-26138
reference_id CVE-2020-26138
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2020-26138
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2020-26138/
reference_id CVE-2020-26138
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2020-26138/
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-26138.yaml
reference_id CVE-2020-26138.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-26138.yaml
8
reference_url https://github.com/advisories/GHSA-7mv4-4xpg-xq44
reference_id GHSA-7mv4-4xpg-xq44
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7mv4-4xpg-xq44
fixed_packages
0
url pkg:composer/silverstripe/framework@4.6.0
purl pkg:composer/silverstripe/framework@4.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0
1
url pkg:composer/silverstripe/framework@4.7.4
purl pkg:composer/silverstripe/framework@4.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.7.4
aliases CVE-2020-26138, GHSA-7mv4-4xpg-xq44
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djww-2v4e-qkb2
15
url VCID-ewqs-8fqc-b3hk
vulnerability_id VCID-ewqs-8fqc-b3hk
summary 
Reflected Cross Site Scripting (XSS) in error message
If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://www.silverstripe.org/download/security-releases/ss-2024-002
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2024-002
3
reference_url https://github.com/advisories/GHSA-74j9-xhqr-6qv3
reference_id GHSA-74j9-xhqr-6qv3
reference_type
scores
url https://github.com/advisories/GHSA-74j9-xhqr-6qv3
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
aliases GHSA-74j9-xhqr-6qv3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewqs-8fqc-b3hk
16
url VCID-fn6y-hytc-r3b5
vulnerability_id VCID-fn6y-hytc-r3b5
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19326
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43356
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19326
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-19326.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-19326.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/107706c12cd9cf4d1b8b96b6a6e223633209d851
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/107706c12cd9cf4d1b8b96b6a6e223633209d851
4
reference_url https://github.com/silverstripe/silverstripe-framework/commit/8518987cbd1eaca71b65dd4a4b35591db941509a
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/8518987cbd1eaca71b65dd4a4b35591db941509a
5
reference_url https://github.com/silverstripe/silverstripe-framework/commit/98926e4e6c26d1d43bb1faf516d15bdb2739556e
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/98926e4e6c26d1d43bb1faf516d15bdb2739556e
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19326
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19326
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-19326
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-19326
8
reference_url https://github.com/advisories/GHSA-q9ff-3q93-fm8m
reference_id GHSA-q9ff-3q93-fm8m
reference_type
scores
url https://github.com/advisories/GHSA-q9ff-3q93-fm8m
fixed_packages
0
url pkg:composer/silverstripe/framework@3.7.5
purl pkg:composer/silverstripe/framework@3.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-5ccd-zu9e-yfgp
3
vulnerability VCID-8csb-m7rv-xyh2
4
vulnerability VCID-adng-1x6w-2baj
5
vulnerability VCID-cskj-c9ur-47dj
6
vulnerability VCID-d1ap-2u1x-y7gg
7
vulnerability VCID-d6gt-9mst-dub4
8
vulnerability VCID-djww-2v4e-qkb2
9
vulnerability VCID-ewqs-8fqc-b3hk
10
vulnerability VCID-gr5g-7tkc-2kfa
11
vulnerability VCID-k2xa-uwrr-ffez
12
vulnerability VCID-kcq9-5h99-abct
13
vulnerability VCID-mvra-6wnv-xya1
14
vulnerability VCID-nzdu-xh5w-27g7
15
vulnerability VCID-qrhh-c86j-rqe6
16
vulnerability VCID-txyu-4qkf-r3cs
17
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.7.5
1
url pkg:composer/silverstripe/framework@4.4.7
purl pkg:composer/silverstripe/framework@4.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-dgmv-7v1e-k3b9
12
vulnerability VCID-djww-2v4e-qkb2
13
vulnerability VCID-ewqs-8fqc-b3hk
14
vulnerability VCID-gr5g-7tkc-2kfa
15
vulnerability VCID-hj46-jp5w-ckd1
16
vulnerability VCID-k2xa-uwrr-ffez
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-mvra-6wnv-xya1
19
vulnerability VCID-nzdu-xh5w-27g7
20
vulnerability VCID-qrhh-c86j-rqe6
21
vulnerability VCID-txyu-4qkf-r3cs
22
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.7
2
url pkg:composer/silverstripe/framework@4.5.4
purl pkg:composer/silverstripe/framework@4.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-hj46-jp5w-ckd1
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-kcq9-5h99-abct
17
vulnerability VCID-mvra-6wnv-xya1
18
vulnerability VCID-nzdu-xh5w-27g7
19
vulnerability VCID-qrhh-c86j-rqe6
20
vulnerability VCID-txyu-4qkf-r3cs
21
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.5.4
aliases CVE-2019-19326, GHSA-q9ff-3q93-fm8m
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn6y-hytc-r3b5
17
url VCID-gr5g-7tkc-2kfa
vulnerability_id VCID-gr5g-7tkc-2kfa
summary 
Missing Authorization
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22728
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17257
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22728
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/
url https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2023-22728
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2023-22728
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22728
reference_id CVE-2023-22728
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-22728
6
reference_url https://github.com/advisories/GHSA-jh3w-6jp2-vqqm
reference_id GHSA-jh3w-6jp2-vqqm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jh3w-6jp2-vqqm
7
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm
reference_id GHSA-jh3w-6jp2-vqqm
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm
fixed_packages
0
url pkg:composer/silverstripe/framework@4.12.5
purl pkg:composer/silverstripe/framework@4.12.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-adng-1x6w-2baj
3
vulnerability VCID-d1ap-2u1x-y7gg
4
vulnerability VCID-d6gt-9mst-dub4
5
vulnerability VCID-ewqs-8fqc-b3hk
6
vulnerability VCID-k2xa-uwrr-ffez
7
vulnerability VCID-kcq9-5h99-abct
8
vulnerability VCID-txyu-4qkf-r3cs
9
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5
aliases CVE-2023-22728, GHSA-jh3w-6jp2-vqqm
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gr5g-7tkc-2kfa
18
url VCID-k1aa-deyg-2kdg
vulnerability_id VCID-k1aa-deyg-2kdg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14272
reference_id
reference_type
scores
0
value 0.00347
scoring_system epss
scoring_elements 0.57522
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14272
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14272.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14272.yaml
3
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
4
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14272
reference_id CVE-2019-14272
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14272
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-14272
reference_id CVE-2019-14272
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-14272
fixed_packages
0
url pkg:composer/silverstripe/framework@4.0.1-rc1
purl pkg:composer/silverstripe/framework@4.0.1-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-hp6e-75gr-uuan
28
vulnerability VCID-hsfb-xx67-7qg6
29
vulnerability VCID-jc9t-3hb5-z3g5
30
vulnerability VCID-jxym-rkhj-yybr
31
vulnerability VCID-k2xa-uwrr-ffez
32
vulnerability VCID-k8vz-xw7w-e3dg
33
vulnerability VCID-kcq9-5h99-abct
34
vulnerability VCID-m2bw-tabk-qyd8
35
vulnerability VCID-mfzd-r5pm-q7es
36
vulnerability VCID-mvra-6wnv-xya1
37
vulnerability VCID-nzdu-xh5w-27g7
38
vulnerability VCID-pmb3-k9w1-y7gm
39
vulnerability VCID-qrhh-c86j-rqe6
40
vulnerability VCID-s99v-qdmh-ebf8
41
vulnerability VCID-txyu-4qkf-r3cs
42
vulnerability VCID-x6g5-a61e-3khu
43
vulnerability VCID-ywfx-pjg6-aqcj
44
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1
1
url pkg:composer/silverstripe/framework@4.0.1
purl pkg:composer/silverstripe/framework@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-jc9t-3hb5-z3g5
28
vulnerability VCID-jxym-rkhj-yybr
29
vulnerability VCID-k2xa-uwrr-ffez
30
vulnerability VCID-kcq9-5h99-abct
31
vulnerability VCID-m2bw-tabk-qyd8
32
vulnerability VCID-mfzd-r5pm-q7es
33
vulnerability VCID-mvra-6wnv-xya1
34
vulnerability VCID-nzdu-xh5w-27g7
35
vulnerability VCID-pmb3-k9w1-y7gm
36
vulnerability VCID-qrhh-c86j-rqe6
37
vulnerability VCID-txyu-4qkf-r3cs
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-ywfx-pjg6-aqcj
40
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1
2
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
3
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-14272, GHSA-jgw2-f5mx-rg7h
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1aa-deyg-2kdg
19
url VCID-k2xa-uwrr-ffez
vulnerability_id VCID-k2xa-uwrr-ffez
summary Silverstripe uses TinyMCE which allows svg files linked in object tags
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://www.silverstripe.org/download/security-releases/ss-2024-001
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2024-001
3
reference_url https://github.com/advisories/GHSA-52cw-pvq9-9m5v
reference_id GHSA-52cw-pvq9-9m5v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-52cw-pvq9-9m5v
4
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v
reference_id GHSA-52cw-pvq9-9m5v
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v
5
reference_url https://github.com/advisories/GHSA-5359-pvf2-pw78
reference_id GHSA-5359-pvf2-pw78
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5359-pvf2-pw78
fixed_packages
0
url pkg:composer/silverstripe/framework@5.2.16
purl pkg:composer/silverstripe/framework@5.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-ewqs-8fqc-b3hk
4
vulnerability VCID-kcq9-5h99-abct
5
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16
aliases GHSA-52cw-pvq9-9m5v
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2xa-uwrr-ffez
20
url VCID-k6ed-y2ud-wffu
vulnerability_id VCID-k6ed-y2ud-wffu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14273
reference_id
reference_type
scores
0
value 0.00336
scoring_system epss
scoring_elements 0.56678
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14273
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories
3
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
4
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14273
reference_id CVE-2019-14273
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14273
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-14273
reference_id CVE-2019-14273
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-14273
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14273.yaml
reference_id CVE-2019-14273.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14273.yaml
9
reference_url https://github.com/advisories/GHSA-43jj-2rwc-2m3f
reference_id GHSA-43jj-2rwc-2m3f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43jj-2rwc-2m3f
fixed_packages
0
url pkg:composer/silverstripe/framework@4.0.1-rc1
purl pkg:composer/silverstripe/framework@4.0.1-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-hp6e-75gr-uuan
28
vulnerability VCID-hsfb-xx67-7qg6
29
vulnerability VCID-jc9t-3hb5-z3g5
30
vulnerability VCID-jxym-rkhj-yybr
31
vulnerability VCID-k2xa-uwrr-ffez
32
vulnerability VCID-k8vz-xw7w-e3dg
33
vulnerability VCID-kcq9-5h99-abct
34
vulnerability VCID-m2bw-tabk-qyd8
35
vulnerability VCID-mfzd-r5pm-q7es
36
vulnerability VCID-mvra-6wnv-xya1
37
vulnerability VCID-nzdu-xh5w-27g7
38
vulnerability VCID-pmb3-k9w1-y7gm
39
vulnerability VCID-qrhh-c86j-rqe6
40
vulnerability VCID-s99v-qdmh-ebf8
41
vulnerability VCID-txyu-4qkf-r3cs
42
vulnerability VCID-x6g5-a61e-3khu
43
vulnerability VCID-ywfx-pjg6-aqcj
44
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1
1
url pkg:composer/silverstripe/framework@4.0.1
purl pkg:composer/silverstripe/framework@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-jc9t-3hb5-z3g5
28
vulnerability VCID-jxym-rkhj-yybr
29
vulnerability VCID-k2xa-uwrr-ffez
30
vulnerability VCID-kcq9-5h99-abct
31
vulnerability VCID-m2bw-tabk-qyd8
32
vulnerability VCID-mfzd-r5pm-q7es
33
vulnerability VCID-mvra-6wnv-xya1
34
vulnerability VCID-nzdu-xh5w-27g7
35
vulnerability VCID-pmb3-k9w1-y7gm
36
vulnerability VCID-qrhh-c86j-rqe6
37
vulnerability VCID-txyu-4qkf-r3cs
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-ywfx-pjg6-aqcj
40
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1
2
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
3
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-14273, GHSA-43jj-2rwc-2m3f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6ed-y2ud-wffu
21
url VCID-kcq9-5h99-abct
vulnerability_id VCID-kcq9-5h99-abct
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47605
reference_id
reference_type
scores
0
value 0.05366
scoring_system epss
scoring_elements 0.9023
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47605
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml
2
reference_url https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/
url https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82
3
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
4
reference_url https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/
url https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-47605
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-47605
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2024-47605
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/
url https://www.silverstripe.org/download/security-releases/cve-2024-47605
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt
reference_id CVE-2024-47605
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt
8
reference_url https://github.com/advisories/GHSA-7cmp-cgg8-4c82
reference_id GHSA-7cmp-cgg8-4c82
reference_type
scores
url https://github.com/advisories/GHSA-7cmp-cgg8-4c82
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
1
url pkg:composer/silverstripe/framework@6.0.0-alpha1
purl pkg:composer/silverstripe/framework@6.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1
aliases CVE-2024-47605, GHSA-7cmp-cgg8-4c82
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcq9-5h99-abct
22
url VCID-m2bw-tabk-qyd8
vulnerability_id VCID-m2bw-tabk-qyd8
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12617
reference_id
reference_type
scores
0
value 0.00304
scoring_system epss
scoring_elements 0.53918
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12617
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
3
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
4
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12617
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12617
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12617
reference_id CVE-2019-12617
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12617
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12617/
reference_id CVE-2019-12617
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2019-12617/
8
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12617
reference_id CVE-2019-12617
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12617
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12617.yaml
reference_id CVE-2019-12617.YAML
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12617.yaml
10
reference_url https://github.com/advisories/GHSA-6r58-4xgr-gm6m
reference_id GHSA-6r58-4xgr-gm6m
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6r58-4xgr-gm6m
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
2
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12617, GHSA-6r58-4xgr-gm6m
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2bw-tabk-qyd8
23
url VCID-mvra-6wnv-xya1
vulnerability_id VCID-mvra-6wnv-xya1
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
SilverStripe Framework suffers from a XSS vulnerablity.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36150
reference_id
reference_type
scores
0
value 0.00372
scoring_system epss
scoring_elements 0.59233
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36150
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-36150
reference_id CVE-2021-36150
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-36150
5
reference_url https://www.silverstripe.org/download/security-releases/CVE-2021-36150
reference_id CVE-2021-36150
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2021-36150
6
reference_url https://github.com/advisories/GHSA-j66h-cc96-c32q
reference_id GHSA-j66h-cc96-c32q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j66h-cc96-c32q
fixed_packages
0
url pkg:composer/silverstripe/framework@4.9.0-alpha1
purl pkg:composer/silverstripe/framework@4.9.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-nzdu-xh5w-27g7
16
vulnerability VCID-txyu-4qkf-r3cs
17
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.9.0-alpha1
1
url pkg:composer/silverstripe/framework@4.9.0
purl pkg:composer/silverstripe/framework@4.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-nzdu-xh5w-27g7
16
vulnerability VCID-txyu-4qkf-r3cs
17
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.9.0
aliases CVE-2021-36150, GHSA-j66h-cc96-c32q
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mvra-6wnv-xya1
24
url VCID-nzdu-xh5w-27g7
vulnerability_id VCID-nzdu-xh5w-27g7
summary 
URL Redirection to Untrusted Site ('Open Redirect')
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22729
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42254
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22729
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/
url https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2023-22729
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2023-22729
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22729
reference_id CVE-2023-22729
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-22729
6
reference_url https://github.com/advisories/GHSA-fw84-xgm8-9jmv
reference_id GHSA-fw84-xgm8-9jmv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fw84-xgm8-9jmv
7
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv
reference_id GHSA-fw84-xgm8-9jmv
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv
fixed_packages
0
url pkg:composer/silverstripe/framework@4.12.5
purl pkg:composer/silverstripe/framework@4.12.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-adng-1x6w-2baj
3
vulnerability VCID-d1ap-2u1x-y7gg
4
vulnerability VCID-d6gt-9mst-dub4
5
vulnerability VCID-ewqs-8fqc-b3hk
6
vulnerability VCID-k2xa-uwrr-ffez
7
vulnerability VCID-kcq9-5h99-abct
8
vulnerability VCID-txyu-4qkf-r3cs
9
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5
aliases CVE-2023-22729, GHSA-fw84-xgm8-9jmv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzdu-xh5w-27g7
25
url VCID-pq7w-n99a-q7cj
vulnerability_id VCID-pq7w-n99a-q7cj
summary 
Injection Vulnerability
In the CSV export feature of SilverStripe, it is possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-18049
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43716
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-18049
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://www.exploit-db.com/exploits/43396
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43396
3
reference_url https://www.exploit-db.com/exploits/43396/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43396/
4
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-007
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2017-007
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-18049
reference_id CVE-2017-18049
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-18049
fixed_packages
0
url pkg:composer/silverstripe/framework@3.5.6-rc1
purl pkg:composer/silverstripe/framework@3.5.6-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-8z35-2baj-cqdb
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hp6e-75gr-uuan
19
vulnerability VCID-hsfb-xx67-7qg6
20
vulnerability VCID-k1aa-deyg-2kdg
21
vulnerability VCID-k2xa-uwrr-ffez
22
vulnerability VCID-k6ed-y2ud-wffu
23
vulnerability VCID-k8vz-xw7w-e3dg
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-tp75-2k7m-6yaw
30
vulnerability VCID-txyu-4qkf-r3cs
31
vulnerability VCID-x6g5-a61e-3khu
32
vulnerability VCID-ywfx-pjg6-aqcj
33
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.6-rc1
1
url pkg:composer/silverstripe/framework@3.5.6
purl pkg:composer/silverstripe/framework@3.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-8z35-2baj-cqdb
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-k1aa-deyg-2kdg
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-k6ed-y2ud-wffu
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-m2bw-tabk-qyd8
22
vulnerability VCID-mvra-6wnv-xya1
23
vulnerability VCID-nzdu-xh5w-27g7
24
vulnerability VCID-qrhh-c86j-rqe6
25
vulnerability VCID-tp75-2k7m-6yaw
26
vulnerability VCID-txyu-4qkf-r3cs
27
vulnerability VCID-x6g5-a61e-3khu
28
vulnerability VCID-ywfx-pjg6-aqcj
29
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.6
2
url pkg:composer/silverstripe/framework@3.6.3-rc2
purl pkg:composer/silverstripe/framework@3.6.3-rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2e1q-fc4b-mydq
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-8z35-2baj-cqdb
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-djww-2v4e-qkb2
16
vulnerability VCID-ewqs-8fqc-b3hk
17
vulnerability VCID-fn6y-hytc-r3b5
18
vulnerability VCID-gr5g-7tkc-2kfa
19
vulnerability VCID-hp6e-75gr-uuan
20
vulnerability VCID-hsfb-xx67-7qg6
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-k8vz-xw7w-e3dg
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-x6g5-a61e-3khu
33
vulnerability VCID-ywfx-pjg6-aqcj
34
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3-rc2
3
url pkg:composer/silverstripe/framework@3.6.3
purl pkg:composer/silverstripe/framework@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2e1q-fc4b-mydq
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-8z35-2baj-cqdb
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-k1aa-deyg-2kdg
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-k6ed-y2ud-wffu
21
vulnerability VCID-kcq9-5h99-abct
22
vulnerability VCID-m2bw-tabk-qyd8
23
vulnerability VCID-mvra-6wnv-xya1
24
vulnerability VCID-nzdu-xh5w-27g7
25
vulnerability VCID-qrhh-c86j-rqe6
26
vulnerability VCID-tp75-2k7m-6yaw
27
vulnerability VCID-txyu-4qkf-r3cs
28
vulnerability VCID-x6g5-a61e-3khu
29
vulnerability VCID-ywfx-pjg6-aqcj
30
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3
4
url pkg:composer/silverstripe/framework@4.0.1-rc1
purl pkg:composer/silverstripe/framework@4.0.1-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-hp6e-75gr-uuan
28
vulnerability VCID-hsfb-xx67-7qg6
29
vulnerability VCID-jc9t-3hb5-z3g5
30
vulnerability VCID-jxym-rkhj-yybr
31
vulnerability VCID-k2xa-uwrr-ffez
32
vulnerability VCID-k8vz-xw7w-e3dg
33
vulnerability VCID-kcq9-5h99-abct
34
vulnerability VCID-m2bw-tabk-qyd8
35
vulnerability VCID-mfzd-r5pm-q7es
36
vulnerability VCID-mvra-6wnv-xya1
37
vulnerability VCID-nzdu-xh5w-27g7
38
vulnerability VCID-pmb3-k9w1-y7gm
39
vulnerability VCID-qrhh-c86j-rqe6
40
vulnerability VCID-s99v-qdmh-ebf8
41
vulnerability VCID-txyu-4qkf-r3cs
42
vulnerability VCID-x6g5-a61e-3khu
43
vulnerability VCID-ywfx-pjg6-aqcj
44
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1
5
url pkg:composer/silverstripe/framework@4.0.1
purl pkg:composer/silverstripe/framework@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-jc9t-3hb5-z3g5
28
vulnerability VCID-jxym-rkhj-yybr
29
vulnerability VCID-k2xa-uwrr-ffez
30
vulnerability VCID-kcq9-5h99-abct
31
vulnerability VCID-m2bw-tabk-qyd8
32
vulnerability VCID-mfzd-r5pm-q7es
33
vulnerability VCID-mvra-6wnv-xya1
34
vulnerability VCID-nzdu-xh5w-27g7
35
vulnerability VCID-pmb3-k9w1-y7gm
36
vulnerability VCID-qrhh-c86j-rqe6
37
vulnerability VCID-txyu-4qkf-r3cs
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-ywfx-pjg6-aqcj
40
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1
aliases CVE-2017-18049, GHSA-2jvj-mhf2-g99w
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pq7w-n99a-q7cj
26
url VCID-qrhh-c86j-rqe6
vulnerability_id VCID-qrhh-c86j-rqe6
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25817
reference_id
reference_type
scores
0
value 0.00348
scoring_system epss
scoring_elements 0.57604
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25817
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
4
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25817
reference_id CVE-2020-25817
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25817
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2021-25817
reference_id CVE-2021-25817
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2021-25817
8
reference_url https://github.com/advisories/GHSA-3vjc-5x79-m9r8
reference_id GHSA-3vjc-5x79-m9r8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3vjc-5x79-m9r8
fixed_packages
0
url pkg:composer/silverstripe/framework@4.6.0
purl pkg:composer/silverstripe/framework@4.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0
1
url pkg:composer/silverstripe/framework@4.7.4
purl pkg:composer/silverstripe/framework@4.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.7.4
aliases CVE-2020-25817, GHSA-3vjc-5x79-m9r8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrhh-c86j-rqe6
27
url VCID-s4vd-dw41-wkgn
vulnerability_id VCID-s4vd-dw41-wkgn
summary silverstripe/framework has Cross-site Scripting vulnerability in page history comparison
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-004-1.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-004-1.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/2b72c0f73b668ddf7c059319da915a6c08652278
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/2b72c0f73b668ddf7c059319da915a6c08652278
3
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-004
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2017-004
4
reference_url https://github.com/advisories/GHSA-c4c3-j73v-634r
reference_id GHSA-c4c3-j73v-634r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c4c3-j73v-634r
fixed_packages
0
url pkg:composer/silverstripe/framework@3.4.6
purl pkg:composer/silverstripe/framework@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-89jy-34ks-5kds
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-k1aa-deyg-2kdg
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-k6ed-y2ud-wffu
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-m2bw-tabk-qyd8
22
vulnerability VCID-mvra-6wnv-xya1
23
vulnerability VCID-nzdu-xh5w-27g7
24
vulnerability VCID-pq7w-n99a-q7cj
25
vulnerability VCID-qrhh-c86j-rqe6
26
vulnerability VCID-tp75-2k7m-6yaw
27
vulnerability VCID-txyu-4qkf-r3cs
28
vulnerability VCID-vrv4-sy3z-jfe2
29
vulnerability VCID-x6g5-a61e-3khu
30
vulnerability VCID-xazf-vmz5-r3dj
31
vulnerability VCID-ywfx-pjg6-aqcj
32
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.6
1
url pkg:composer/silverstripe/framework@3.5.4
purl pkg:composer/silverstripe/framework@3.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hp6e-75gr-uuan
18
vulnerability VCID-hsfb-xx67-7qg6
19
vulnerability VCID-k1aa-deyg-2kdg
20
vulnerability VCID-k2xa-uwrr-ffez
21
vulnerability VCID-k6ed-y2ud-wffu
22
vulnerability VCID-k8vz-xw7w-e3dg
23
vulnerability VCID-kcq9-5h99-abct
24
vulnerability VCID-m2bw-tabk-qyd8
25
vulnerability VCID-mvra-6wnv-xya1
26
vulnerability VCID-nzdu-xh5w-27g7
27
vulnerability VCID-pq7w-n99a-q7cj
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-tp75-2k7m-6yaw
30
vulnerability VCID-txyu-4qkf-r3cs
31
vulnerability VCID-vrv4-sy3z-jfe2
32
vulnerability VCID-x6g5-a61e-3khu
33
vulnerability VCID-xazf-vmz5-r3dj
34
vulnerability VCID-yhh9-rkh9-rqeu
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.4
aliases GHSA-c4c3-j73v-634r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s4vd-dw41-wkgn
28
url VCID-seq6-f1js-u3f3
vulnerability_id VCID-seq6-f1js-u3f3
summary silverstripe/framework has Cross-site Scripting vulnerability in page name
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-001-1.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-001-1.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/9574d627f95aca7ae0fcefcae2bf56215777e190
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/9574d627f95aca7ae0fcefcae2bf56215777e190
3
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2017-001
4
reference_url https://github.com/advisories/GHSA-hhvj-mcrx-3vcf
reference_id GHSA-hhvj-mcrx-3vcf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hhvj-mcrx-3vcf
fixed_packages
0
url pkg:composer/silverstripe/framework@3.4.4
purl pkg:composer/silverstripe/framework@3.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-k1aa-deyg-2kdg
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-k6ed-y2ud-wffu
21
vulnerability VCID-kcq9-5h99-abct
22
vulnerability VCID-m2bw-tabk-qyd8
23
vulnerability VCID-mvra-6wnv-xya1
24
vulnerability VCID-nzdu-xh5w-27g7
25
vulnerability VCID-pq7w-n99a-q7cj
26
vulnerability VCID-qrhh-c86j-rqe6
27
vulnerability VCID-s4vd-dw41-wkgn
28
vulnerability VCID-tp75-2k7m-6yaw
29
vulnerability VCID-txyu-4qkf-r3cs
30
vulnerability VCID-v5s9-xp16-2udf
31
vulnerability VCID-vrv4-sy3z-jfe2
32
vulnerability VCID-x6g5-a61e-3khu
33
vulnerability VCID-xazf-vmz5-r3dj
34
vulnerability VCID-ywfx-pjg6-aqcj
35
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.4
1
url pkg:composer/silverstripe/framework@3.5.2
purl pkg:composer/silverstripe/framework@3.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2b81-t1vt-3uar
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hp6e-75gr-uuan
19
vulnerability VCID-hsfb-xx67-7qg6
20
vulnerability VCID-k1aa-deyg-2kdg
21
vulnerability VCID-k2xa-uwrr-ffez
22
vulnerability VCID-k6ed-y2ud-wffu
23
vulnerability VCID-k8vz-xw7w-e3dg
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-s4vd-dw41-wkgn
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-v5s9-xp16-2udf
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-yhh9-rkh9-rqeu
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.2
aliases GHSA-hhvj-mcrx-3vcf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-seq6-f1js-u3f3
29
url VCID-tp75-2k7m-6yaw
vulnerability_id VCID-tp75-2k7m-6yaw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-9311
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.57142
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-9311
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-9311.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-9311.yaml
2
reference_url https://github.com/silverstripe/silverstripe-cms
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-cms
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-9311
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-9311
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2020-9311
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2020-9311
5
reference_url https://www.silverstripe.org/download/security-releases/CVE-2020-9311
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2020-9311
6
reference_url https://github.com/advisories/GHSA-2pw2-qpcp-m47x
reference_id GHSA-2pw2-qpcp-m47x
reference_type
scores
url https://github.com/advisories/GHSA-2pw2-qpcp-m47x
fixed_packages
0
url pkg:composer/silverstripe/framework@3.7.5
purl pkg:composer/silverstripe/framework@3.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-5ccd-zu9e-yfgp
3
vulnerability VCID-8csb-m7rv-xyh2
4
vulnerability VCID-adng-1x6w-2baj
5
vulnerability VCID-cskj-c9ur-47dj
6
vulnerability VCID-d1ap-2u1x-y7gg
7
vulnerability VCID-d6gt-9mst-dub4
8
vulnerability VCID-djww-2v4e-qkb2
9
vulnerability VCID-ewqs-8fqc-b3hk
10
vulnerability VCID-gr5g-7tkc-2kfa
11
vulnerability VCID-k2xa-uwrr-ffez
12
vulnerability VCID-kcq9-5h99-abct
13
vulnerability VCID-mvra-6wnv-xya1
14
vulnerability VCID-nzdu-xh5w-27g7
15
vulnerability VCID-qrhh-c86j-rqe6
16
vulnerability VCID-txyu-4qkf-r3cs
17
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.7.5
aliases CVE-2020-9311, GHSA-2pw2-qpcp-m47x
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tp75-2k7m-6yaw
30
url VCID-txyu-4qkf-r3cs
vulnerability_id VCID-txyu-4qkf-r3cs
summary 
Exposure of Sensitive Information to an Unauthorized Actor
Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions 4.13.39 and 5.1.11 contain a fix for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-48714
reference_id
reference_type
scores
0
value 0.00226
scoring_system epss
scoring_elements 0.45409
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-48714
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-48714
reference_id CVE-2023-48714
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-48714
3
reference_url https://www.silverstripe.org/download/security-releases/CVE-2023-48714
reference_id CVE-2023-48714
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/
url https://www.silverstripe.org/download/security-releases/CVE-2023-48714
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml
reference_id CVE-2023-48714.YAML
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml
5
reference_url https://github.com/advisories/GHSA-qm2j-qvq3-j29v
reference_id GHSA-qm2j-qvq3-j29v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qm2j-qvq3-j29v
6
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v
reference_id GHSA-qm2j-qvq3-j29v
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v
fixed_packages
0
url pkg:composer/silverstripe/framework@4.13.39
purl pkg:composer/silverstripe/framework@4.13.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.39
1
url pkg:composer/silverstripe/framework@5.1.11
purl pkg:composer/silverstripe/framework@5.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.1.11
aliases CVE-2023-48714, GHSA-qm2j-qvq3-j29v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txyu-4qkf-r3cs
31
url VCID-v5s9-xp16-2udf
vulnerability_id VCID-v5s9-xp16-2udf
summary silverstripe/framework has Cross-site Scripting vulnerability in RedirectorPage
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-003-1.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-003-1.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2017-003
3
reference_url https://github.com/advisories/GHSA-pp7q-6j3f-74vj
reference_id GHSA-pp7q-6j3f-74vj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pp7q-6j3f-74vj
fixed_packages
0
url pkg:composer/silverstripe/framework@3.4.6
purl pkg:composer/silverstripe/framework@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-89jy-34ks-5kds
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-k1aa-deyg-2kdg
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-k6ed-y2ud-wffu
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-m2bw-tabk-qyd8
22
vulnerability VCID-mvra-6wnv-xya1
23
vulnerability VCID-nzdu-xh5w-27g7
24
vulnerability VCID-pq7w-n99a-q7cj
25
vulnerability VCID-qrhh-c86j-rqe6
26
vulnerability VCID-tp75-2k7m-6yaw
27
vulnerability VCID-txyu-4qkf-r3cs
28
vulnerability VCID-vrv4-sy3z-jfe2
29
vulnerability VCID-x6g5-a61e-3khu
30
vulnerability VCID-xazf-vmz5-r3dj
31
vulnerability VCID-ywfx-pjg6-aqcj
32
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.6
1
url pkg:composer/silverstripe/framework@3.5.4
purl pkg:composer/silverstripe/framework@3.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hp6e-75gr-uuan
18
vulnerability VCID-hsfb-xx67-7qg6
19
vulnerability VCID-k1aa-deyg-2kdg
20
vulnerability VCID-k2xa-uwrr-ffez
21
vulnerability VCID-k6ed-y2ud-wffu
22
vulnerability VCID-k8vz-xw7w-e3dg
23
vulnerability VCID-kcq9-5h99-abct
24
vulnerability VCID-m2bw-tabk-qyd8
25
vulnerability VCID-mvra-6wnv-xya1
26
vulnerability VCID-nzdu-xh5w-27g7
27
vulnerability VCID-pq7w-n99a-q7cj
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-tp75-2k7m-6yaw
30
vulnerability VCID-txyu-4qkf-r3cs
31
vulnerability VCID-vrv4-sy3z-jfe2
32
vulnerability VCID-x6g5-a61e-3khu
33
vulnerability VCID-xazf-vmz5-r3dj
34
vulnerability VCID-yhh9-rkh9-rqeu
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.4
aliases GHSA-pp7q-6j3f-74vj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v5s9-xp16-2udf
32
url VCID-vrv4-sy3z-jfe2
vulnerability_id VCID-vrv4-sy3z-jfe2
summary 
Cross-site Scripting
SilverStripe CMS has an XSS via an SVG document that is mishandled by (1) the Insert Media option in the content editor or (2) an `admin/assets/add` pathname.
references
0
reference_url http://lists.openwall.net/full-disclosure/2017/09/14/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openwall.net/full-disclosure/2017/09/14/2
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14498
reference_id
reference_type
scores
0
value 0.00375
scoring_system epss
scoring_elements 0.59419
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14498
2
reference_url https://docs.silverstripe.org/en/3/changelogs/3.6.1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.silverstripe.org/en/3/changelogs/3.6.1
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/25b77a2ff8deabe8e8894002b9a5647eaec27b0a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/25b77a2ff8deabe8e8894002b9a5647eaec27b0a
4
reference_url https://github.com/silverstripe/silverstripe-installer/commit/c25478bef75cc5482852e80a1fa6f1f0e6460e39
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-installer/commit/c25478bef75cc5482852e80a1fa6f1f0e6460e39
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14498
reference_id CVE-2017-14498
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-14498
6
reference_url https://github.com/advisories/GHSA-j696-6m57-mcrv
reference_id GHSA-j696-6m57-mcrv
reference_type
scores
url https://github.com/advisories/GHSA-j696-6m57-mcrv
fixed_packages
0
url pkg:composer/silverstripe/framework@3.6.1-alpha2
purl pkg:composer/silverstripe/framework@3.6.1-alpha2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2e1q-fc4b-mydq
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-8z35-2baj-cqdb
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-djww-2v4e-qkb2
16
vulnerability VCID-ewqs-8fqc-b3hk
17
vulnerability VCID-fn6y-hytc-r3b5
18
vulnerability VCID-gr5g-7tkc-2kfa
19
vulnerability VCID-hp6e-75gr-uuan
20
vulnerability VCID-hsfb-xx67-7qg6
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-k8vz-xw7w-e3dg
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-x6g5-a61e-3khu
34
vulnerability VCID-yhh9-rkh9-rqeu
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.1-alpha2
1
url pkg:composer/silverstripe/framework@3.6.1
purl pkg:composer/silverstripe/framework@3.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2e1q-fc4b-mydq
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-8z35-2baj-cqdb
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-djww-2v4e-qkb2
16
vulnerability VCID-ewqs-8fqc-b3hk
17
vulnerability VCID-fn6y-hytc-r3b5
18
vulnerability VCID-gr5g-7tkc-2kfa
19
vulnerability VCID-hp6e-75gr-uuan
20
vulnerability VCID-hsfb-xx67-7qg6
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-k8vz-xw7w-e3dg
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-x6g5-a61e-3khu
34
vulnerability VCID-yhh9-rkh9-rqeu
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.1
aliases CVE-2017-14498, GHSA-j696-6m57-mcrv
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrv4-sy3z-jfe2
33
url VCID-x6g5-a61e-3khu
vulnerability_id VCID-x6g5-a61e-3khu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12205
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59603
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12205
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12205.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12205.yaml
3
reference_url https://github.com/silverstripe/silverstripe-admin/commit/6e6fa5c618b9dbf4cc0a56704834bfa1d5b0d18e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin/commit/6e6fa5c618b9dbf4cc0a56704834bfa1d5b0d18e
4
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12205
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12205
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12205
reference_id CVE-2019-12205
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12205
8
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12205
reference_id CVE-2019-12205
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12205
9
reference_url https://github.com/advisories/GHSA-rfvw-5848-gxc5
reference_id GHSA-rfvw-5848-gxc5
reference_type
scores
url https://github.com/advisories/GHSA-rfvw-5848-gxc5
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
2
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12205, GHSA-rfvw-5848-gxc5
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x6g5-a61e-3khu
34
url VCID-xazf-vmz5-r3dj
vulnerability_id VCID-xazf-vmz5-r3dj
summary 
Information Exposure
Response discrepancy in the login and password reset forms in SilverStripe CMS allows remote attackers to enumerate users via timing attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12849
reference_id
reference_type
scores
0
value 0.00392
scoring_system epss
scoring_elements 0.6047
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12849
1
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2017-005
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12849
reference_id CVE-2017-12849
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12849
3
reference_url https://github.com/advisories/GHSA-fwhr-g5r4-xgxf
reference_id GHSA-fwhr-g5r4-xgxf
reference_type
scores
url https://github.com/advisories/GHSA-fwhr-g5r4-xgxf
fixed_packages
0
url pkg:composer/silverstripe/framework@3.5.5-beta1
purl pkg:composer/silverstripe/framework@3.5.5-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-9vwe-uejx-c3c5
9
vulnerability VCID-adng-1x6w-2baj
10
vulnerability VCID-cskj-c9ur-47dj
11
vulnerability VCID-d1ap-2u1x-y7gg
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hp6e-75gr-uuan
18
vulnerability VCID-hsfb-xx67-7qg6
19
vulnerability VCID-k1aa-deyg-2kdg
20
vulnerability VCID-k2xa-uwrr-ffez
21
vulnerability VCID-k6ed-y2ud-wffu
22
vulnerability VCID-k8vz-xw7w-e3dg
23
vulnerability VCID-kcq9-5h99-abct
24
vulnerability VCID-m2bw-tabk-qyd8
25
vulnerability VCID-mvra-6wnv-xya1
26
vulnerability VCID-nzdu-xh5w-27g7
27
vulnerability VCID-pq7w-n99a-q7cj
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-tp75-2k7m-6yaw
30
vulnerability VCID-txyu-4qkf-r3cs
31
vulnerability VCID-x6g5-a61e-3khu
32
vulnerability VCID-yhh9-rkh9-rqeu
33
vulnerability VCID-ywfx-pjg6-aqcj
34
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.5-beta1
1
url pkg:composer/silverstripe/framework@3.5.5
purl pkg:composer/silverstripe/framework@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-8z35-2baj-cqdb
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hp6e-75gr-uuan
19
vulnerability VCID-hsfb-xx67-7qg6
20
vulnerability VCID-k1aa-deyg-2kdg
21
vulnerability VCID-k2xa-uwrr-ffez
22
vulnerability VCID-k6ed-y2ud-wffu
23
vulnerability VCID-k8vz-xw7w-e3dg
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-x6g5-a61e-3khu
33
vulnerability VCID-ywfx-pjg6-aqcj
34
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.5
2
url pkg:composer/silverstripe/framework@3.6.1-alpha2
purl pkg:composer/silverstripe/framework@3.6.1-alpha2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2e1q-fc4b-mydq
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-8z35-2baj-cqdb
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-djww-2v4e-qkb2
16
vulnerability VCID-ewqs-8fqc-b3hk
17
vulnerability VCID-fn6y-hytc-r3b5
18
vulnerability VCID-gr5g-7tkc-2kfa
19
vulnerability VCID-hp6e-75gr-uuan
20
vulnerability VCID-hsfb-xx67-7qg6
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-k8vz-xw7w-e3dg
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-x6g5-a61e-3khu
34
vulnerability VCID-yhh9-rkh9-rqeu
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.1-alpha2
3
url pkg:composer/silverstripe/framework@3.6.1
purl pkg:composer/silverstripe/framework@3.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2e1q-fc4b-mydq
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-8z35-2baj-cqdb
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-djww-2v4e-qkb2
16
vulnerability VCID-ewqs-8fqc-b3hk
17
vulnerability VCID-fn6y-hytc-r3b5
18
vulnerability VCID-gr5g-7tkc-2kfa
19
vulnerability VCID-hp6e-75gr-uuan
20
vulnerability VCID-hsfb-xx67-7qg6
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-k8vz-xw7w-e3dg
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-x6g5-a61e-3khu
34
vulnerability VCID-yhh9-rkh9-rqeu
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.1
aliases CVE-2017-12849, GHSA-fwhr-g5r4-xgxf
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xazf-vmz5-r3dj
35
url VCID-ywfx-pjg6-aqcj
vulnerability_id VCID-ywfx-pjg6-aqcj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-30148
reference_id
reference_type
scores
0
value 0.00224
scoring_system epss
scoring_elements 0.45159
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-30148
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/
url https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358
4
reference_url https://github.com/silverstripe/silverstripe-framework/pull/11682
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/pull/11682
5
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-30148
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-30148
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2025-30148
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/
url https://www.silverstripe.org/download/security-releases/cve-2025-30148
8
reference_url https://github.com/advisories/GHSA-rhx4-hvx9-j387
reference_id GHSA-rhx4-hvx9-j387
reference_type
scores
url https://github.com/advisories/GHSA-rhx4-hvx9-j387
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.23
purl pkg:composer/silverstripe/framework@5.3.23
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.23
aliases CVE-2025-30148, GHSA-rhx4-hvx9-j387
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywfx-pjg6-aqcj
36
url VCID-yxg1-dz91-ckgs
vulnerability_id VCID-yxg1-dz91-ckgs
summary 
Cross-Site Request Forgery (CSRF)
Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12437
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.41992
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12437
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2019-12437.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2019-12437.yaml
3
reference_url https://github.com/silverstripe/silverstripe-graphql
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql
4
reference_url https://github.com/silverstripe/silverstripe-graphql/commit/3c1dd6b839b7c0e2cbc85074bb5840ebded6097c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql/commit/3c1dd6b839b7c0e2cbc85074bb5840ebded6097c
5
reference_url https://github.com/silverstripe/silverstripe-graphql/commit/db28f3075ae2335905f43ac808e9177497e354ff
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql/commit/db28f3075ae2335905f43ac808e9177497e354ff
6
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
url https://www.silverstripe.org/blog/tag/release
7
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12437
reference_id CVE-2019-12437
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12437
9
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12437
reference_id CVE-2019-12437
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12437
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
aliases CVE-2019-12437, GHSA-fx37-56v6-85q6
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yxg1-dz91-ckgs
Fixing_vulnerabilities
0
url VCID-91wy-94bg-bfc3
vulnerability_id VCID-91wy-94bg-bfc3
summary 
XSS In page name
SilverStripe is vulnerable to XSS via the page name. For instance, page name `"><svg/onload=alert(/xss/)>` will trigger an XSS alert.
references
0
reference_url https://github.com/silverstripe/silverstripe-framework/commit/c6c6c13fc265aeedf5de7226b3cde39d185ba49d
reference_id
reference_type
scores
url https://github.com/silverstripe/silverstripe-framework/commit/c6c6c13fc265aeedf5de7226b3cde39d185ba49d
1
reference_url https://www.silverstripe.org/download/security-releases/ss-2017-001/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2017-001/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.4.4-rc1
purl pkg:composer/silverstripe/framework@3.4.4-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-k1aa-deyg-2kdg
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-k6ed-y2ud-wffu
21
vulnerability VCID-kcq9-5h99-abct
22
vulnerability VCID-m2bw-tabk-qyd8
23
vulnerability VCID-mvra-6wnv-xya1
24
vulnerability VCID-nzdu-xh5w-27g7
25
vulnerability VCID-pq7w-n99a-q7cj
26
vulnerability VCID-qrhh-c86j-rqe6
27
vulnerability VCID-s4vd-dw41-wkgn
28
vulnerability VCID-seq6-f1js-u3f3
29
vulnerability VCID-tp75-2k7m-6yaw
30
vulnerability VCID-txyu-4qkf-r3cs
31
vulnerability VCID-v5s9-xp16-2udf
32
vulnerability VCID-vrv4-sy3z-jfe2
33
vulnerability VCID-x6g5-a61e-3khu
34
vulnerability VCID-xazf-vmz5-r3dj
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.4-rc1
1
url pkg:composer/silverstripe/framework@3.5.2-rc1
purl pkg:composer/silverstripe/framework@3.5.2-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2b81-t1vt-3uar
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-djww-2v4e-qkb2
16
vulnerability VCID-ewqs-8fqc-b3hk
17
vulnerability VCID-fn6y-hytc-r3b5
18
vulnerability VCID-gr5g-7tkc-2kfa
19
vulnerability VCID-hp6e-75gr-uuan
20
vulnerability VCID-hsfb-xx67-7qg6
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-k8vz-xw7w-e3dg
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-v5s9-xp16-2udf
36
vulnerability VCID-vrv4-sy3z-jfe2
37
vulnerability VCID-x6g5-a61e-3khu
38
vulnerability VCID-xazf-vmz5-r3dj
39
vulnerability VCID-yhh9-rkh9-rqeu
40
vulnerability VCID-ywfx-pjg6-aqcj
41
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.2-rc1
aliases SS-2017-001
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91wy-94bg-bfc3
1
url VCID-eu6p-szkb-m7b1
vulnerability_id VCID-eu6p-szkb-m7b1
summary 
Cross-site Scripting
There is an XSS in SilverStripe CMS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5197
reference_id
reference_type
scores
0
value 0.00265
scoring_system epss
scoring_elements 0.50115
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5197
1
reference_url https://web.archive.org/web/20210123234141/http://www.securityfocus.com/bid/96572
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123234141/http://www.securityfocus.com/bid/96572
2
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
3
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
4
reference_url http://www.securityfocus.com/bid/96572
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96572
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5197
reference_id CVE-2017-5197
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-5197
6
reference_url https://github.com/advisories/GHSA-xmjh-wjc5-wg4h
reference_id GHSA-xmjh-wjc5-wg4h
reference_type
scores
url https://github.com/advisories/GHSA-xmjh-wjc5-wg4h
fixed_packages
0
url pkg:composer/silverstripe/framework@3.4.4-rc1
purl pkg:composer/silverstripe/framework@3.4.4-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-k1aa-deyg-2kdg
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-k6ed-y2ud-wffu
21
vulnerability VCID-kcq9-5h99-abct
22
vulnerability VCID-m2bw-tabk-qyd8
23
vulnerability VCID-mvra-6wnv-xya1
24
vulnerability VCID-nzdu-xh5w-27g7
25
vulnerability VCID-pq7w-n99a-q7cj
26
vulnerability VCID-qrhh-c86j-rqe6
27
vulnerability VCID-s4vd-dw41-wkgn
28
vulnerability VCID-seq6-f1js-u3f3
29
vulnerability VCID-tp75-2k7m-6yaw
30
vulnerability VCID-txyu-4qkf-r3cs
31
vulnerability VCID-v5s9-xp16-2udf
32
vulnerability VCID-vrv4-sy3z-jfe2
33
vulnerability VCID-x6g5-a61e-3khu
34
vulnerability VCID-xazf-vmz5-r3dj
35
vulnerability VCID-ywfx-pjg6-aqcj
36
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.4-rc1
1
url pkg:composer/silverstripe/framework@3.4.4
purl pkg:composer/silverstripe/framework@3.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-k1aa-deyg-2kdg
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-k6ed-y2ud-wffu
21
vulnerability VCID-kcq9-5h99-abct
22
vulnerability VCID-m2bw-tabk-qyd8
23
vulnerability VCID-mvra-6wnv-xya1
24
vulnerability VCID-nzdu-xh5w-27g7
25
vulnerability VCID-pq7w-n99a-q7cj
26
vulnerability VCID-qrhh-c86j-rqe6
27
vulnerability VCID-s4vd-dw41-wkgn
28
vulnerability VCID-tp75-2k7m-6yaw
29
vulnerability VCID-txyu-4qkf-r3cs
30
vulnerability VCID-v5s9-xp16-2udf
31
vulnerability VCID-vrv4-sy3z-jfe2
32
vulnerability VCID-x6g5-a61e-3khu
33
vulnerability VCID-xazf-vmz5-r3dj
34
vulnerability VCID-ywfx-pjg6-aqcj
35
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.4
2
url pkg:composer/silverstripe/framework@3.5.2-rc1
purl pkg:composer/silverstripe/framework@3.5.2-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2b81-t1vt-3uar
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-cskj-c9ur-47dj
13
vulnerability VCID-d1ap-2u1x-y7gg
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-djww-2v4e-qkb2
16
vulnerability VCID-ewqs-8fqc-b3hk
17
vulnerability VCID-fn6y-hytc-r3b5
18
vulnerability VCID-gr5g-7tkc-2kfa
19
vulnerability VCID-hp6e-75gr-uuan
20
vulnerability VCID-hsfb-xx67-7qg6
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-k8vz-xw7w-e3dg
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-v5s9-xp16-2udf
36
vulnerability VCID-vrv4-sy3z-jfe2
37
vulnerability VCID-x6g5-a61e-3khu
38
vulnerability VCID-xazf-vmz5-r3dj
39
vulnerability VCID-yhh9-rkh9-rqeu
40
vulnerability VCID-ywfx-pjg6-aqcj
41
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.2-rc1
3
url pkg:composer/silverstripe/framework@3.5.2
purl pkg:composer/silverstripe/framework@3.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2af9-znrv-3bf7
1
vulnerability VCID-2b81-t1vt-3uar
2
vulnerability VCID-2uck-cp19-v3e9
3
vulnerability VCID-3497-71mw-yqh8
4
vulnerability VCID-4mg2-rjsn-qyfx
5
vulnerability VCID-4qq2-bbj1-8fdb
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-7kmy-8ht6-8fcw
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-9vwe-uejx-c3c5
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d6gt-9mst-dub4
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hp6e-75gr-uuan
19
vulnerability VCID-hsfb-xx67-7qg6
20
vulnerability VCID-k1aa-deyg-2kdg
21
vulnerability VCID-k2xa-uwrr-ffez
22
vulnerability VCID-k6ed-y2ud-wffu
23
vulnerability VCID-k8vz-xw7w-e3dg
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-s4vd-dw41-wkgn
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-v5s9-xp16-2udf
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-yhh9-rkh9-rqeu
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.2
aliases CVE-2017-5197, GHSA-xmjh-wjc5-wg4h
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu6p-szkb-m7b1
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.4-rc1