Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/silverstripe/framework@4.0.0-alpha1
Typecomposer
Namespacesilverstripe
Nameframework
Version4.0.0-alpha1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.3.23
Latest_non_vulnerable_version6.0.0-alpha1
Affected_by_vulnerabilities
0
url VCID-2uck-cp19-v3e9
vulnerability_id VCID-2uck-cp19-v3e9
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37421
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55469
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37421
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://www.silverstripe.org/blog/tag/release
3
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
4
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://www.silverstripe.org/download/security-releases/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-37421
reference_id CVE-2022-37421
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-37421
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2022-37421
reference_id CVE-2022-37421
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2022-37421
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2022-37421
reference_id CVE-2022-37421
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/
url https://www.silverstripe.org/download/security-releases/CVE-2022-37421
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/CVE-2022-37421.yaml
reference_id CVE-2022-37421.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/CVE-2022-37421.yaml
9
reference_url https://github.com/advisories/GHSA-pp74-g2q5-j4jf
reference_id GHSA-pp74-g2q5-j4jf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pp74-g2q5-j4jf
fixed_packages
0
url pkg:composer/silverstripe/framework@4.11.3
purl pkg:composer/silverstripe/framework@4.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-4vmq-kug8-dug8
3
vulnerability VCID-adng-1x6w-2baj
4
vulnerability VCID-d1ap-2u1x-y7gg
5
vulnerability VCID-d6gt-9mst-dub4
6
vulnerability VCID-ewqs-8fqc-b3hk
7
vulnerability VCID-gr5g-7tkc-2kfa
8
vulnerability VCID-k2xa-uwrr-ffez
9
vulnerability VCID-kcq9-5h99-abct
10
vulnerability VCID-nzdu-xh5w-27g7
11
vulnerability VCID-txyu-4qkf-r3cs
12
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.11.3
aliases CVE-2022-37421, GHSA-pp74-g2q5-j4jf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2uck-cp19-v3e9
1
url VCID-4mg2-rjsn-qyfx
vulnerability_id VCID-4mg2-rjsn-qyfx
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12203
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17126
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12203
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/silverstripe/silverstripe-framework/blob/4/docs/en/04_Changelogs/4.4.4.md#444
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/blob/4/docs/en/04_Changelogs/4.4.4.md#444
3
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
4
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12203
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12203
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12203
reference_id CVE-2019-12203
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12203
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12203/
reference_id CVE-2019-12203
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2019-12203/
8
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12203
reference_id CVE-2019-12203
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12203
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12203.yaml
reference_id CVE-2019-12203.YAML
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12203.yaml
10
reference_url https://github.com/advisories/GHSA-w7r7-r8r9-vrg2
reference_id GHSA-w7r7-r8r9-vrg2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w7r7-r8r9-vrg2
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
2
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12203, GHSA-w7r7-r8r9-vrg2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mg2-rjsn-qyfx
2
url VCID-4qq2-bbj1-8fdb
vulnerability_id VCID-4qq2-bbj1-8fdb
summary 
Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message
> [!IMPORTANT]
> This vulnerability only affects sites which are in the "dev" environment mode. If your production website is in "dev" mode, it has been misconfigured, and you should immediately swap it to "live" mode.
> See https://docs.silverstripe.org/en/developer_guides/debugging/environment_types/ for more information.

If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.

## References

- https://www.silverstripe.org/download/security-releases/ss-2024-002

## Reported by

Gaurav Nayak from [Chaleit](https://chaleit.com/)
references
0
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
1
reference_url https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8
2
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q
3
reference_url https://www.silverstripe.org/download/security-releases/ss-2024-002
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2024-002
4
reference_url https://github.com/advisories/GHSA-mqf3-qpc3-g26q
reference_id GHSA-mqf3-qpc3-g26q
reference_type
scores
url https://github.com/advisories/GHSA-mqf3-qpc3-g26q
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
1
url pkg:composer/silverstripe/framework@6.0.0-alpha1
purl pkg:composer/silverstripe/framework@6.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1
aliases GHSA-mqf3-qpc3-g26q
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qq2-bbj1-8fdb
3
url VCID-5ccd-zu9e-yfgp
vulnerability_id VCID-5ccd-zu9e-yfgp
summary Business Logic Errors in GitHub repository silverstripe/silverstripe-framework
references
0
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
1
reference_url https://github.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2
2
reference_url https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0227
reference_id CVE-2022-0227
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0227
4
reference_url https://github.com/advisories/GHSA-32m2-9f76-4gv8
reference_id GHSA-32m2-9f76-4gv8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-32m2-9f76-4gv8
fixed_packages
0
url pkg:composer/silverstripe/framework@4.10.1
purl pkg:composer/silverstripe/framework@4.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5j19-xx5v-fkck
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-adng-1x6w-2baj
7
vulnerability VCID-d1ap-2u1x-y7gg
8
vulnerability VCID-d6gt-9mst-dub4
9
vulnerability VCID-ewqs-8fqc-b3hk
10
vulnerability VCID-gr5g-7tkc-2kfa
11
vulnerability VCID-hj46-jp5w-ckd1
12
vulnerability VCID-k2xa-uwrr-ffez
13
vulnerability VCID-kcq9-5h99-abct
14
vulnerability VCID-nzdu-xh5w-27g7
15
vulnerability VCID-txyu-4qkf-r3cs
16
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.10.1
aliases CVE-2022-0227, GHSA-32m2-9f76-4gv8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ccd-zu9e-yfgp
4
url VCID-7kmy-8ht6-8fcw
vulnerability_id VCID-7kmy-8ht6-8fcw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12245
reference_id
reference_type
scores
0
value 0.00255
scoring_system epss
scoring_elements 0.4898
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12245
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
3
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12245
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12245
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12245
reference_id CVE-2019-12245
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12245
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12245/
reference_id CVE-2019-12245
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2019-12245/
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12245
reference_id CVE-2019-12245
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12245
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/assets/CVE-2019-12245.yaml
reference_id CVE-2019-12245.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/assets/CVE-2019-12245.yaml
9
reference_url https://github.com/advisories/GHSA-jvx5-rm6q-gx7p
reference_id GHSA-jvx5-rm6q-gx7p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jvx5-rm6q-gx7p
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.3.6
purl pkg:composer/silverstripe/framework@4.3.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.6
2
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12245, GHSA-jvx5-rm6q-gx7p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7kmy-8ht6-8fcw
5
url VCID-8csb-m7rv-xyh2
vulnerability_id VCID-8csb-m7rv-xyh2
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41559
reference_id
reference_type
scores
0
value 0.00348
scoring_system epss
scoring_elements 0.57606
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41559
1
reference_url https://github.com/silverstripe/silverstripe-framework/releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases
2
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
3
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41559
reference_id CVE-2021-41559
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41559
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2021-41559
reference_id CVE-2021-41559
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2021-41559
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2021-41559.yaml
reference_id CVE-2021-41559.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2021-41559.yaml
7
reference_url https://github.com/advisories/GHSA-9fmg-89fx-r33w
reference_id GHSA-9fmg-89fx-r33w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9fmg-89fx-r33w
fixed_packages
0
url pkg:composer/silverstripe/framework@4.10.9
purl pkg:composer/silverstripe/framework@4.10.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-adng-1x6w-2baj
5
vulnerability VCID-d1ap-2u1x-y7gg
6
vulnerability VCID-d6gt-9mst-dub4
7
vulnerability VCID-ewqs-8fqc-b3hk
8
vulnerability VCID-gr5g-7tkc-2kfa
9
vulnerability VCID-k2xa-uwrr-ffez
10
vulnerability VCID-kcq9-5h99-abct
11
vulnerability VCID-nzdu-xh5w-27g7
12
vulnerability VCID-txyu-4qkf-r3cs
13
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.10.9
1
url pkg:composer/silverstripe/framework@4.11.0-beta1
purl pkg:composer/silverstripe/framework@4.11.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-adng-1x6w-2baj
4
vulnerability VCID-d1ap-2u1x-y7gg
5
vulnerability VCID-d6gt-9mst-dub4
6
vulnerability VCID-ewqs-8fqc-b3hk
7
vulnerability VCID-gr5g-7tkc-2kfa
8
vulnerability VCID-k2xa-uwrr-ffez
9
vulnerability VCID-kcq9-5h99-abct
10
vulnerability VCID-nzdu-xh5w-27g7
11
vulnerability VCID-txyu-4qkf-r3cs
12
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.11.0-beta1
aliases CVE-2021-41559, GHSA-9fmg-89fx-r33w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8csb-m7rv-xyh2
6
url VCID-9vwe-uejx-c3c5
vulnerability_id VCID-9vwe-uejx-c3c5
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12246
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36012
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12246
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12246.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12246.yaml
3
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
4
reference_url https://github.com/silverstripe/silverstripe-framework/commit/ca56e8d78e468874b9267c94d8ec75240b6da0ab
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/ca56e8d78e468874b9267c94d8ec75240b6da0ab
5
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
6
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12246
reference_id CVE-2019-12246
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12246
8
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12246
reference_id CVE-2019-12246
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12246
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.4.0
purl pkg:composer/silverstripe/framework@4.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-4vmq-kug8-dug8
5
vulnerability VCID-4ywc-gcvd-73a9
6
vulnerability VCID-5ccd-zu9e-yfgp
7
vulnerability VCID-5j19-xx5v-fkck
8
vulnerability VCID-7kmy-8ht6-8fcw
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-adng-1x6w-2baj
11
vulnerability VCID-cskj-c9ur-47dj
12
vulnerability VCID-d1ap-2u1x-y7gg
13
vulnerability VCID-d62k-jng6-5fd8
14
vulnerability VCID-d6gt-9mst-dub4
15
vulnerability VCID-dgmv-7v1e-k3b9
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-ewqs-8fqc-b3hk
18
vulnerability VCID-fn6y-hytc-r3b5
19
vulnerability VCID-gr5g-7tkc-2kfa
20
vulnerability VCID-hj46-jp5w-ckd1
21
vulnerability VCID-jc9t-3hb5-z3g5
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-qrhh-c86j-rqe6
29
vulnerability VCID-txyu-4qkf-r3cs
30
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.0
aliases CVE-2019-12246, GHSA-5fr8-xhqq-4p3q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vwe-uejx-c3c5
7
url VCID-adng-1x6w-2baj
vulnerability_id VCID-adng-1x6w-2baj
summary 
Improper Input Validation
Silverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml
1
reference_url https://github.com/github/advisory-database/pull/2575
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/2575
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4
4
reference_url https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14
5
reference_url https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13
6
reference_url https://www.silverstripe.org/download/security-releases/CVE-2023-32302
reference_id
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2023-32302
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-32302
reference_id CVE-2023-32302
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-32302
8
reference_url https://github.com/advisories/GHSA-36xx-7vf6-7mv3
reference_id GHSA-36xx-7vf6-7mv3
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-36xx-7vf6-7mv3
9
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3
reference_id GHSA-36xx-7vf6-7mv3
reference_type
scores
0
value 0.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3
fixed_packages
0
url pkg:composer/silverstripe/framework@4.13.14
purl pkg:composer/silverstripe/framework@4.13.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-txyu-4qkf-r3cs
8
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.14
1
url pkg:composer/silverstripe/framework@5.0.13
purl pkg:composer/silverstripe/framework@5.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-txyu-4qkf-r3cs
8
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.0.13
aliases CVE-2023-32302, GHSA-36xx-7vf6-7mv3
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-adng-1x6w-2baj
8
url VCID-cskj-c9ur-47dj
vulnerability_id VCID-cskj-c9ur-47dj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26136
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.44161
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26136
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2020-26136.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2020-26136.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26136
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26136
4
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
5
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
6
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2020-26136
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2020-26136
8
reference_url https://github.com/advisories/GHSA-mg2g-8pwj-r2j2
reference_id GHSA-mg2g-8pwj-r2j2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mg2g-8pwj-r2j2
fixed_packages
0
url pkg:composer/silverstripe/framework@4.6.0
purl pkg:composer/silverstripe/framework@4.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0
aliases CVE-2020-26136, GHSA-mg2g-8pwj-r2j2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cskj-c9ur-47dj
9
url VCID-d1ap-2u1x-y7gg
vulnerability_id VCID-d1ap-2u1x-y7gg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-53277
reference_id
reference_type
scores
0
value 0.01074
scoring_system epss
scoring_elements 0.78068
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-53277
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/
url https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00
4
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-53277
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-53277
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2024-53277
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/
url https://www.silverstripe.org/download/security-releases/cve-2024-53277
7
reference_url https://github.com/advisories/GHSA-ff6q-3c9c-6cf5
reference_id GHSA-ff6q-3c9c-6cf5
reference_type
scores
url https://github.com/advisories/GHSA-ff6q-3c9c-6cf5
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
1
url pkg:composer/silverstripe/framework@6.0.0-alpha1
purl pkg:composer/silverstripe/framework@6.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1
aliases CVE-2024-53277, GHSA-ff6q-3c9c-6cf5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1ap-2u1x-y7gg
10
url VCID-d6gt-9mst-dub4
vulnerability_id VCID-d6gt-9mst-dub4
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32981
reference_id
reference_type
scores
0
value 0.0105
scoring_system epss
scoring_elements 0.77841
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32981
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/
url https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-32981
reference_id CVE-2024-32981
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-32981
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2024-32981
reference_id CVE-2024-32981
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/
url https://www.silverstripe.org/download/security-releases/cve-2024-32981
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml
reference_id CVE-2024-32981.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml
6
reference_url https://github.com/advisories/GHSA-chx7-9x8h-r5mg
reference_id GHSA-chx7-9x8h-r5mg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-chx7-9x8h-r5mg
7
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg
reference_id GHSA-chx7-9x8h-r5mg
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg
fixed_packages
0
url pkg:composer/silverstripe/framework@5.2.16
purl pkg:composer/silverstripe/framework@5.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-ewqs-8fqc-b3hk
4
vulnerability VCID-kcq9-5h99-abct
5
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16
aliases CVE-2024-32981, GHSA-chx7-9x8h-r5mg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gt-9mst-dub4
11
url VCID-djww-2v4e-qkb2
vulnerability_id VCID-djww-2v4e-qkb2
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26138
reference_id
reference_type
scores
0
value 0.00292
scoring_system epss
scoring_elements 0.52834
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26138
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
url https://www.silverstripe.org/blog/tag/release
3
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26138
reference_id CVE-2020-26138
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26138
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2020-26138
reference_id CVE-2020-26138
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2020-26138
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2020-26138/
reference_id CVE-2020-26138
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2020-26138/
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-26138.yaml
reference_id CVE-2020-26138.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-26138.yaml
8
reference_url https://github.com/advisories/GHSA-7mv4-4xpg-xq44
reference_id GHSA-7mv4-4xpg-xq44
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7mv4-4xpg-xq44
fixed_packages
0
url pkg:composer/silverstripe/framework@4.6.0
purl pkg:composer/silverstripe/framework@4.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0
1
url pkg:composer/silverstripe/framework@4.7.4
purl pkg:composer/silverstripe/framework@4.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.7.4
aliases CVE-2020-26138, GHSA-7mv4-4xpg-xq44
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djww-2v4e-qkb2
12
url VCID-ewqs-8fqc-b3hk
vulnerability_id VCID-ewqs-8fqc-b3hk
summary 
Reflected Cross Site Scripting (XSS) in error message
If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://www.silverstripe.org/download/security-releases/ss-2024-002
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2024-002
3
reference_url https://github.com/advisories/GHSA-74j9-xhqr-6qv3
reference_id GHSA-74j9-xhqr-6qv3
reference_type
scores
url https://github.com/advisories/GHSA-74j9-xhqr-6qv3
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
aliases GHSA-74j9-xhqr-6qv3
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewqs-8fqc-b3hk
13
url VCID-gr5g-7tkc-2kfa
vulnerability_id VCID-gr5g-7tkc-2kfa
summary 
Missing Authorization
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22728
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17257
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22728
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/
url https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2023-22728
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2023-22728
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22728
reference_id CVE-2023-22728
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-22728
6
reference_url https://github.com/advisories/GHSA-jh3w-6jp2-vqqm
reference_id GHSA-jh3w-6jp2-vqqm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jh3w-6jp2-vqqm
7
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm
reference_id GHSA-jh3w-6jp2-vqqm
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm
fixed_packages
0
url pkg:composer/silverstripe/framework@4.12.5
purl pkg:composer/silverstripe/framework@4.12.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-adng-1x6w-2baj
3
vulnerability VCID-d1ap-2u1x-y7gg
4
vulnerability VCID-d6gt-9mst-dub4
5
vulnerability VCID-ewqs-8fqc-b3hk
6
vulnerability VCID-k2xa-uwrr-ffez
7
vulnerability VCID-kcq9-5h99-abct
8
vulnerability VCID-txyu-4qkf-r3cs
9
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5
aliases CVE-2023-22728, GHSA-jh3w-6jp2-vqqm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gr5g-7tkc-2kfa
14
url VCID-k1aa-deyg-2kdg
vulnerability_id VCID-k1aa-deyg-2kdg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14272
reference_id
reference_type
scores
0
value 0.00347
scoring_system epss
scoring_elements 0.57522
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14272
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14272.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14272.yaml
3
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
4
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14272
reference_id CVE-2019-14272
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14272
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-14272
reference_id CVE-2019-14272
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-14272
fixed_packages
0
url pkg:composer/silverstripe/framework@4.0.1-rc1
purl pkg:composer/silverstripe/framework@4.0.1-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-hp6e-75gr-uuan
28
vulnerability VCID-hsfb-xx67-7qg6
29
vulnerability VCID-jc9t-3hb5-z3g5
30
vulnerability VCID-jxym-rkhj-yybr
31
vulnerability VCID-k2xa-uwrr-ffez
32
vulnerability VCID-k8vz-xw7w-e3dg
33
vulnerability VCID-kcq9-5h99-abct
34
vulnerability VCID-m2bw-tabk-qyd8
35
vulnerability VCID-mfzd-r5pm-q7es
36
vulnerability VCID-mvra-6wnv-xya1
37
vulnerability VCID-nzdu-xh5w-27g7
38
vulnerability VCID-pmb3-k9w1-y7gm
39
vulnerability VCID-qrhh-c86j-rqe6
40
vulnerability VCID-s99v-qdmh-ebf8
41
vulnerability VCID-txyu-4qkf-r3cs
42
vulnerability VCID-x6g5-a61e-3khu
43
vulnerability VCID-ywfx-pjg6-aqcj
44
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1
1
url pkg:composer/silverstripe/framework@4.0.1
purl pkg:composer/silverstripe/framework@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-jc9t-3hb5-z3g5
28
vulnerability VCID-jxym-rkhj-yybr
29
vulnerability VCID-k2xa-uwrr-ffez
30
vulnerability VCID-kcq9-5h99-abct
31
vulnerability VCID-m2bw-tabk-qyd8
32
vulnerability VCID-mfzd-r5pm-q7es
33
vulnerability VCID-mvra-6wnv-xya1
34
vulnerability VCID-nzdu-xh5w-27g7
35
vulnerability VCID-pmb3-k9w1-y7gm
36
vulnerability VCID-qrhh-c86j-rqe6
37
vulnerability VCID-txyu-4qkf-r3cs
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-ywfx-pjg6-aqcj
40
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1
2
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
3
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-14272, GHSA-jgw2-f5mx-rg7h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1aa-deyg-2kdg
15
url VCID-k2xa-uwrr-ffez
vulnerability_id VCID-k2xa-uwrr-ffez
summary Silverstripe uses TinyMCE which allows svg files linked in object tags
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://www.silverstripe.org/download/security-releases/ss-2024-001
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2024-001
3
reference_url https://github.com/advisories/GHSA-52cw-pvq9-9m5v
reference_id GHSA-52cw-pvq9-9m5v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-52cw-pvq9-9m5v
4
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v
reference_id GHSA-52cw-pvq9-9m5v
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v
5
reference_url https://github.com/advisories/GHSA-5359-pvf2-pw78
reference_id GHSA-5359-pvf2-pw78
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5359-pvf2-pw78
fixed_packages
0
url pkg:composer/silverstripe/framework@5.2.16
purl pkg:composer/silverstripe/framework@5.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-ewqs-8fqc-b3hk
4
vulnerability VCID-kcq9-5h99-abct
5
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16
aliases GHSA-52cw-pvq9-9m5v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2xa-uwrr-ffez
16
url VCID-k6ed-y2ud-wffu
vulnerability_id VCID-k6ed-y2ud-wffu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14273
reference_id
reference_type
scores
0
value 0.00336
scoring_system epss
scoring_elements 0.56678
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14273
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories
3
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
4
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14273
reference_id CVE-2019-14273
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14273
7
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-14273
reference_id CVE-2019-14273
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-14273
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14273.yaml
reference_id CVE-2019-14273.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14273.yaml
9
reference_url https://github.com/advisories/GHSA-43jj-2rwc-2m3f
reference_id GHSA-43jj-2rwc-2m3f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43jj-2rwc-2m3f
fixed_packages
0
url pkg:composer/silverstripe/framework@4.0.1-rc1
purl pkg:composer/silverstripe/framework@4.0.1-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-hp6e-75gr-uuan
28
vulnerability VCID-hsfb-xx67-7qg6
29
vulnerability VCID-jc9t-3hb5-z3g5
30
vulnerability VCID-jxym-rkhj-yybr
31
vulnerability VCID-k2xa-uwrr-ffez
32
vulnerability VCID-k8vz-xw7w-e3dg
33
vulnerability VCID-kcq9-5h99-abct
34
vulnerability VCID-m2bw-tabk-qyd8
35
vulnerability VCID-mfzd-r5pm-q7es
36
vulnerability VCID-mvra-6wnv-xya1
37
vulnerability VCID-nzdu-xh5w-27g7
38
vulnerability VCID-pmb3-k9w1-y7gm
39
vulnerability VCID-qrhh-c86j-rqe6
40
vulnerability VCID-s99v-qdmh-ebf8
41
vulnerability VCID-txyu-4qkf-r3cs
42
vulnerability VCID-x6g5-a61e-3khu
43
vulnerability VCID-ywfx-pjg6-aqcj
44
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1
1
url pkg:composer/silverstripe/framework@4.0.1
purl pkg:composer/silverstripe/framework@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-25r7-spjd-qufz
2
vulnerability VCID-2e1q-fc4b-mydq
3
vulnerability VCID-2p3r-ff36-aqfm
4
vulnerability VCID-2uck-cp19-v3e9
5
vulnerability VCID-3497-71mw-yqh8
6
vulnerability VCID-4mg2-rjsn-qyfx
7
vulnerability VCID-4qq2-bbj1-8fdb
8
vulnerability VCID-4vmq-kug8-dug8
9
vulnerability VCID-5ccd-zu9e-yfgp
10
vulnerability VCID-5j19-xx5v-fkck
11
vulnerability VCID-6zn9-kt2q-s3bq
12
vulnerability VCID-7kmy-8ht6-8fcw
13
vulnerability VCID-8csb-m7rv-xyh2
14
vulnerability VCID-9vwe-uejx-c3c5
15
vulnerability VCID-adng-1x6w-2baj
16
vulnerability VCID-c3aa-8je2-quek
17
vulnerability VCID-cskj-c9ur-47dj
18
vulnerability VCID-d1ap-2u1x-y7gg
19
vulnerability VCID-d62k-jng6-5fd8
20
vulnerability VCID-d6gt-9mst-dub4
21
vulnerability VCID-dgmv-7v1e-k3b9
22
vulnerability VCID-djww-2v4e-qkb2
23
vulnerability VCID-ewqs-8fqc-b3hk
24
vulnerability VCID-fn6y-hytc-r3b5
25
vulnerability VCID-gr5g-7tkc-2kfa
26
vulnerability VCID-hj46-jp5w-ckd1
27
vulnerability VCID-jc9t-3hb5-z3g5
28
vulnerability VCID-jxym-rkhj-yybr
29
vulnerability VCID-k2xa-uwrr-ffez
30
vulnerability VCID-kcq9-5h99-abct
31
vulnerability VCID-m2bw-tabk-qyd8
32
vulnerability VCID-mfzd-r5pm-q7es
33
vulnerability VCID-mvra-6wnv-xya1
34
vulnerability VCID-nzdu-xh5w-27g7
35
vulnerability VCID-pmb3-k9w1-y7gm
36
vulnerability VCID-qrhh-c86j-rqe6
37
vulnerability VCID-txyu-4qkf-r3cs
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-ywfx-pjg6-aqcj
40
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1
2
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
3
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-14273, GHSA-43jj-2rwc-2m3f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6ed-y2ud-wffu
17
url VCID-kcq9-5h99-abct
vulnerability_id VCID-kcq9-5h99-abct
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47605
reference_id
reference_type
scores
0
value 0.05366
scoring_system epss
scoring_elements 0.9023
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47605
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml
2
reference_url https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/
url https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82
3
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
4
reference_url https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/
url https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-47605
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-47605
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2024-47605
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/
url https://www.silverstripe.org/download/security-releases/cve-2024-47605
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt
reference_id CVE-2024-47605
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt
8
reference_url https://github.com/advisories/GHSA-7cmp-cgg8-4c82
reference_id GHSA-7cmp-cgg8-4c82
reference_type
scores
url https://github.com/advisories/GHSA-7cmp-cgg8-4c82
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.8
purl pkg:composer/silverstripe/framework@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8
1
url pkg:composer/silverstripe/framework@6.0.0-alpha1
purl pkg:composer/silverstripe/framework@6.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1
aliases CVE-2024-47605, GHSA-7cmp-cgg8-4c82
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcq9-5h99-abct
18
url VCID-m2bw-tabk-qyd8
vulnerability_id VCID-m2bw-tabk-qyd8
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12617
reference_id
reference_type
scores
0
value 0.00304
scoring_system epss
scoring_elements 0.53918
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12617
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
3
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
4
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
5
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12617
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12617
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12617
reference_id CVE-2019-12617
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12617
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12617/
reference_id CVE-2019-12617
reference_type
scores
url https://www.silverstripe.org/download/security-releases/cve-2019-12617/
8
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12617
reference_id CVE-2019-12617
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12617
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12617.yaml
reference_id CVE-2019-12617.YAML
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12617.yaml
10
reference_url https://github.com/advisories/GHSA-6r58-4xgr-gm6m
reference_id GHSA-6r58-4xgr-gm6m
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6r58-4xgr-gm6m
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
2
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12617, GHSA-6r58-4xgr-gm6m
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2bw-tabk-qyd8
19
url VCID-mvra-6wnv-xya1
vulnerability_id VCID-mvra-6wnv-xya1
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
SilverStripe Framework suffers from a XSS vulnerablity.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36150
reference_id
reference_type
scores
0
value 0.00372
scoring_system epss
scoring_elements 0.59233
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36150
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/releases
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-36150
reference_id CVE-2021-36150
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-36150
5
reference_url https://www.silverstripe.org/download/security-releases/CVE-2021-36150
reference_id CVE-2021-36150
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2021-36150
6
reference_url https://github.com/advisories/GHSA-j66h-cc96-c32q
reference_id GHSA-j66h-cc96-c32q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j66h-cc96-c32q
fixed_packages
0
url pkg:composer/silverstripe/framework@4.9.0-alpha1
purl pkg:composer/silverstripe/framework@4.9.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-nzdu-xh5w-27g7
16
vulnerability VCID-txyu-4qkf-r3cs
17
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.9.0-alpha1
1
url pkg:composer/silverstripe/framework@4.9.0
purl pkg:composer/silverstripe/framework@4.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-nzdu-xh5w-27g7
16
vulnerability VCID-txyu-4qkf-r3cs
17
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.9.0
aliases CVE-2021-36150, GHSA-j66h-cc96-c32q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mvra-6wnv-xya1
20
url VCID-nzdu-xh5w-27g7
vulnerability_id VCID-nzdu-xh5w-27g7
summary 
URL Redirection to Untrusted Site ('Open Redirect')
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22729
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42254
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22729
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/
url https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77
4
reference_url https://www.silverstripe.org/download/security-releases/cve-2023-22729
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2023-22729
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22729
reference_id CVE-2023-22729
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-22729
6
reference_url https://github.com/advisories/GHSA-fw84-xgm8-9jmv
reference_id GHSA-fw84-xgm8-9jmv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fw84-xgm8-9jmv
7
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv
reference_id GHSA-fw84-xgm8-9jmv
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv
fixed_packages
0
url pkg:composer/silverstripe/framework@4.12.5
purl pkg:composer/silverstripe/framework@4.12.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-adng-1x6w-2baj
3
vulnerability VCID-d1ap-2u1x-y7gg
4
vulnerability VCID-d6gt-9mst-dub4
5
vulnerability VCID-ewqs-8fqc-b3hk
6
vulnerability VCID-k2xa-uwrr-ffez
7
vulnerability VCID-kcq9-5h99-abct
8
vulnerability VCID-txyu-4qkf-r3cs
9
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5
aliases CVE-2023-22729, GHSA-fw84-xgm8-9jmv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzdu-xh5w-27g7
21
url VCID-qrhh-c86j-rqe6
vulnerability_id VCID-qrhh-c86j-rqe6
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25817
reference_id
reference_type
scores
0
value 0.00348
scoring_system epss
scoring_elements 0.57604
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25817
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/blog/tag/release
4
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25817
reference_id CVE-2020-25817
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25817
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2021-25817
reference_id CVE-2021-25817
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2021-25817
8
reference_url https://github.com/advisories/GHSA-3vjc-5x79-m9r8
reference_id GHSA-3vjc-5x79-m9r8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3vjc-5x79-m9r8
fixed_packages
0
url pkg:composer/silverstripe/framework@4.6.0
purl pkg:composer/silverstripe/framework@4.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0
1
url pkg:composer/silverstripe/framework@4.7.4
purl pkg:composer/silverstripe/framework@4.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-d1ap-2u1x-y7gg
9
vulnerability VCID-d6gt-9mst-dub4
10
vulnerability VCID-ewqs-8fqc-b3hk
11
vulnerability VCID-gr5g-7tkc-2kfa
12
vulnerability VCID-hj46-jp5w-ckd1
13
vulnerability VCID-k2xa-uwrr-ffez
14
vulnerability VCID-kcq9-5h99-abct
15
vulnerability VCID-mvra-6wnv-xya1
16
vulnerability VCID-nzdu-xh5w-27g7
17
vulnerability VCID-txyu-4qkf-r3cs
18
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.7.4
aliases CVE-2020-25817, GHSA-3vjc-5x79-m9r8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrhh-c86j-rqe6
22
url VCID-txyu-4qkf-r3cs
vulnerability_id VCID-txyu-4qkf-r3cs
summary 
Exposure of Sensitive Information to an Unauthorized Actor
Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions 4.13.39 and 5.1.11 contain a fix for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-48714
reference_id
reference_type
scores
0
value 0.00226
scoring_system epss
scoring_elements 0.45409
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-48714
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-48714
reference_id CVE-2023-48714
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-48714
3
reference_url https://www.silverstripe.org/download/security-releases/CVE-2023-48714
reference_id CVE-2023-48714
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/
url https://www.silverstripe.org/download/security-releases/CVE-2023-48714
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml
reference_id CVE-2023-48714.YAML
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml
5
reference_url https://github.com/advisories/GHSA-qm2j-qvq3-j29v
reference_id GHSA-qm2j-qvq3-j29v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qm2j-qvq3-j29v
6
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v
reference_id GHSA-qm2j-qvq3-j29v
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v
fixed_packages
0
url pkg:composer/silverstripe/framework@4.13.39
purl pkg:composer/silverstripe/framework@4.13.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.39
1
url pkg:composer/silverstripe/framework@5.1.11
purl pkg:composer/silverstripe/framework@5.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-4qq2-bbj1-8fdb
2
vulnerability VCID-d1ap-2u1x-y7gg
3
vulnerability VCID-d6gt-9mst-dub4
4
vulnerability VCID-ewqs-8fqc-b3hk
5
vulnerability VCID-k2xa-uwrr-ffez
6
vulnerability VCID-kcq9-5h99-abct
7
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.1.11
aliases CVE-2023-48714, GHSA-qm2j-qvq3-j29v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txyu-4qkf-r3cs
23
url VCID-x6g5-a61e-3khu
vulnerability_id VCID-x6g5-a61e-3khu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12205
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59603
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12205
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12205.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12205.yaml
3
reference_url https://github.com/silverstripe/silverstripe-admin/commit/6e6fa5c618b9dbf4cc0a56704834bfa1d5b0d18e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-admin/commit/6e6fa5c618b9dbf4cc0a56704834bfa1d5b0d18e
4
reference_url https://www.silverstripe.org/download/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases
5
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
6
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12205
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12205
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12205
reference_id CVE-2019-12205
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12205
8
reference_url https://www.silverstripe.org/download/security-releases/CVE-2019-12205
reference_id CVE-2019-12205
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/CVE-2019-12205
9
reference_url https://github.com/advisories/GHSA-rfvw-5848-gxc5
reference_id GHSA-rfvw-5848-gxc5
reference_type
scores
url https://github.com/advisories/GHSA-rfvw-5848-gxc5
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
1
url pkg:composer/silverstripe/framework@4.3.5
purl pkg:composer/silverstripe/framework@4.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-k2xa-uwrr-ffez
19
vulnerability VCID-kcq9-5h99-abct
20
vulnerability VCID-mvra-6wnv-xya1
21
vulnerability VCID-nzdu-xh5w-27g7
22
vulnerability VCID-qrhh-c86j-rqe6
23
vulnerability VCID-txyu-4qkf-r3cs
24
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5
2
url pkg:composer/silverstripe/framework@4.4.4
purl pkg:composer/silverstripe/framework@4.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-4ywc-gcvd-73a9
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-5j19-xx5v-fkck
7
vulnerability VCID-8csb-m7rv-xyh2
8
vulnerability VCID-adng-1x6w-2baj
9
vulnerability VCID-cskj-c9ur-47dj
10
vulnerability VCID-d1ap-2u1x-y7gg
11
vulnerability VCID-d62k-jng6-5fd8
12
vulnerability VCID-d6gt-9mst-dub4
13
vulnerability VCID-dgmv-7v1e-k3b9
14
vulnerability VCID-djww-2v4e-qkb2
15
vulnerability VCID-ewqs-8fqc-b3hk
16
vulnerability VCID-fn6y-hytc-r3b5
17
vulnerability VCID-gr5g-7tkc-2kfa
18
vulnerability VCID-hj46-jp5w-ckd1
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4
aliases CVE-2019-12205, GHSA-rfvw-5848-gxc5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x6g5-a61e-3khu
24
url VCID-ywfx-pjg6-aqcj
vulnerability_id VCID-ywfx-pjg6-aqcj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-30148
reference_id
reference_type
scores
0
value 0.00224
scoring_system epss
scoring_elements 0.45159
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-30148
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml
2
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/
url https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358
4
reference_url https://github.com/silverstripe/silverstripe-framework/pull/11682
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/pull/11682
5
reference_url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/
url https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-30148
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-30148
7
reference_url https://www.silverstripe.org/download/security-releases/cve-2025-30148
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/
url https://www.silverstripe.org/download/security-releases/cve-2025-30148
8
reference_url https://github.com/advisories/GHSA-rhx4-hvx9-j387
reference_id GHSA-rhx4-hvx9-j387
reference_type
scores
url https://github.com/advisories/GHSA-rhx4-hvx9-j387
fixed_packages
0
url pkg:composer/silverstripe/framework@5.3.23
purl pkg:composer/silverstripe/framework@5.3.23
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.23
aliases CVE-2025-30148, GHSA-rhx4-hvx9-j387
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywfx-pjg6-aqcj
25
url VCID-yxg1-dz91-ckgs
vulnerability_id VCID-yxg1-dz91-ckgs
summary 
Cross-Site Request Forgery (CSRF)
Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12437
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.41992
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12437
1
reference_url https://forum.silverstripe.org/c/releases
reference_id
reference_type
scores
url https://forum.silverstripe.org/c/releases
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2019-12437.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2019-12437.yaml
3
reference_url https://github.com/silverstripe/silverstripe-graphql
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql
4
reference_url https://github.com/silverstripe/silverstripe-graphql/commit/3c1dd6b839b7c0e2cbc85074bb5840ebded6097c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql/commit/3c1dd6b839b7c0e2cbc85074bb5840ebded6097c
5
reference_url https://github.com/silverstripe/silverstripe-graphql/commit/db28f3075ae2335905f43ac808e9177497e354ff
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-graphql/commit/db28f3075ae2335905f43ac808e9177497e354ff
6
reference_url https://www.silverstripe.org/blog/tag/release
reference_id
reference_type
scores
url https://www.silverstripe.org/blog/tag/release
7
reference_url https://www.silverstripe.org/download/security-releases/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12437
reference_id CVE-2019-12437
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12437
9
reference_url https://www.silverstripe.org/download/security-releases/cve-2019-12437
reference_id CVE-2019-12437
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/cve-2019-12437
fixed_packages
0
url pkg:composer/silverstripe/framework@4.3.4
purl pkg:composer/silverstripe/framework@4.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1p7c-bq8f-77g2
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-4vmq-kug8-dug8
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-5j19-xx5v-fkck
6
vulnerability VCID-8csb-m7rv-xyh2
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d62k-jng6-5fd8
11
vulnerability VCID-d6gt-9mst-dub4
12
vulnerability VCID-dgmv-7v1e-k3b9
13
vulnerability VCID-djww-2v4e-qkb2
14
vulnerability VCID-ewqs-8fqc-b3hk
15
vulnerability VCID-fn6y-hytc-r3b5
16
vulnerability VCID-gr5g-7tkc-2kfa
17
vulnerability VCID-hj46-jp5w-ckd1
18
vulnerability VCID-jc9t-3hb5-z3g5
19
vulnerability VCID-k2xa-uwrr-ffez
20
vulnerability VCID-kcq9-5h99-abct
21
vulnerability VCID-mvra-6wnv-xya1
22
vulnerability VCID-nzdu-xh5w-27g7
23
vulnerability VCID-qrhh-c86j-rqe6
24
vulnerability VCID-txyu-4qkf-r3cs
25
vulnerability VCID-ywfx-pjg6-aqcj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4
aliases CVE-2019-12437, GHSA-fx37-56v6-85q6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yxg1-dz91-ckgs
Fixing_vulnerabilities
0
url VCID-7wzc-kyxs-wbc2
vulnerability_id VCID-7wzc-kyxs-wbc2
summary 
ChangePasswordForm doesn't check Member::canLogIn()
After performing a password reset, `ChangePasswordForm::doChangePassword()` logs in the user without checking `Member::canLogIn()`. This presents an issue for sites that are using the extension point in that method to deny access to users (for example members that have not been “approved”, or members that have had their access revoked temporarily). It looks like `Member::canLogIn()` was originally designed to only be used for checking whether the user is locked out (due to too many incorrect login attempts) but has been opened up to other uses.
references
0
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-011/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2016-011/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.2.5
purl pkg:composer/silverstripe/framework@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.5
1
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
2
url pkg:composer/silverstripe/framework@3.4.10-stable
purl pkg:composer/silverstripe/framework@3.4.10-stable
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.10-stable
3
url pkg:composer/silverstripe/framework@4.0.0-alpha1
purl pkg:composer/silverstripe/framework@4.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-k1aa-deyg-2kdg
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-k6ed-y2ud-wffu
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-m2bw-tabk-qyd8
19
vulnerability VCID-mvra-6wnv-xya1
20
vulnerability VCID-nzdu-xh5w-27g7
21
vulnerability VCID-qrhh-c86j-rqe6
22
vulnerability VCID-txyu-4qkf-r3cs
23
vulnerability VCID-x6g5-a61e-3khu
24
vulnerability VCID-ywfx-pjg6-aqcj
25
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1
aliases SS-2016-011
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wzc-kyxs-wbc2
1
url VCID-8py4-rxgp-uqdh
vulnerability_id VCID-8py4-rxgp-uqdh
summary 
VersionedRequestFilter vulnerability
A cross-site scripting vulnerability in `VersionedRequestFilter` has been found. If an incoming user request should not be able to access the requested stage, an error message is created for display on the CMS login page that they are redirected to. In this error message, the URL of the requested page is interpolated into the error message without being escaped; hence, arbitrary HTML can be injected into the CMS login page.
references
0
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-007/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2016-007/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
1
url pkg:composer/silverstripe/framework@3.4.1
purl pkg:composer/silverstripe/framework@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-upvz-qc95-nua2
36
vulnerability VCID-v5s9-xp16-2udf
37
vulnerability VCID-vrv4-sy3z-jfe2
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-xazf-vmz5-r3dj
40
vulnerability VCID-xhcs-db5g-97fr
41
vulnerability VCID-ywfx-pjg6-aqcj
42
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1
2
url pkg:composer/silverstripe/framework@4.0.0-alpha1
purl pkg:composer/silverstripe/framework@4.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-k1aa-deyg-2kdg
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-k6ed-y2ud-wffu
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-m2bw-tabk-qyd8
19
vulnerability VCID-mvra-6wnv-xya1
20
vulnerability VCID-nzdu-xh5w-27g7
21
vulnerability VCID-qrhh-c86j-rqe6
22
vulnerability VCID-txyu-4qkf-r3cs
23
vulnerability VCID-x6g5-a61e-3khu
24
vulnerability VCID-ywfx-pjg6-aqcj
25
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1
aliases SS-2016-007
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8py4-rxgp-uqdh
2
url VCID-a95a-ygek-hfby
vulnerability_id VCID-a95a-ygek-hfby
summary 
Missing ACL on reports
The `SS_Report`, and the reports CMS section only checks `canView()` when listing the reports that can be viewed by the current user. It does not (and should) perform `canView` checks when the report is actually viewed, so if you know the URL to a report and can otherwise access the Reports section of the CMS, you can view any report.
references
0
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-012/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2016-012/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.1.20
purl pkg:composer/silverstripe/framework@3.1.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-112b-xdzv-auf1
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-upvz-qc95-nua2
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-xhcs-db5g-97fr
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.20
1
url pkg:composer/silverstripe/framework@3.2.5
purl pkg:composer/silverstripe/framework@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.5
2
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
3
url pkg:composer/silverstripe/framework@3.4.1
purl pkg:composer/silverstripe/framework@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-upvz-qc95-nua2
36
vulnerability VCID-v5s9-xp16-2udf
37
vulnerability VCID-vrv4-sy3z-jfe2
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-xazf-vmz5-r3dj
40
vulnerability VCID-xhcs-db5g-97fr
41
vulnerability VCID-ywfx-pjg6-aqcj
42
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1
4
url pkg:composer/silverstripe/framework@4.0.0-alpha1
purl pkg:composer/silverstripe/framework@4.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-k1aa-deyg-2kdg
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-k6ed-y2ud-wffu
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-m2bw-tabk-qyd8
19
vulnerability VCID-mvra-6wnv-xya1
20
vulnerability VCID-nzdu-xh5w-27g7
21
vulnerability VCID-qrhh-c86j-rqe6
22
vulnerability VCID-txyu-4qkf-r3cs
23
vulnerability VCID-x6g5-a61e-3khu
24
vulnerability VCID-ywfx-pjg6-aqcj
25
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1
aliases SS-2016-012
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a95a-ygek-hfby
3
url VCID-bexp-ws1g-1fdu
vulnerability_id VCID-bexp-ws1g-1fdu
summary 
Password encryption salt expiry
When a user changes their password, the internal salt used for hashing their password is not updated.
references
0
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-008/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2016-008/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.1.20
purl pkg:composer/silverstripe/framework@3.1.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-112b-xdzv-auf1
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-upvz-qc95-nua2
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-xhcs-db5g-97fr
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.20
1
url pkg:composer/silverstripe/framework@3.2.5
purl pkg:composer/silverstripe/framework@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.5
2
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
3
url pkg:composer/silverstripe/framework@3.4.1
purl pkg:composer/silverstripe/framework@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-upvz-qc95-nua2
36
vulnerability VCID-v5s9-xp16-2udf
37
vulnerability VCID-vrv4-sy3z-jfe2
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-xazf-vmz5-r3dj
40
vulnerability VCID-xhcs-db5g-97fr
41
vulnerability VCID-ywfx-pjg6-aqcj
42
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1
4
url pkg:composer/silverstripe/framework@4.0.0-alpha1
purl pkg:composer/silverstripe/framework@4.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-k1aa-deyg-2kdg
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-k6ed-y2ud-wffu
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-m2bw-tabk-qyd8
19
vulnerability VCID-mvra-6wnv-xya1
20
vulnerability VCID-nzdu-xh5w-27g7
21
vulnerability VCID-qrhh-c86j-rqe6
22
vulnerability VCID-txyu-4qkf-r3cs
23
vulnerability VCID-x6g5-a61e-3khu
24
vulnerability VCID-ywfx-pjg6-aqcj
25
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1
aliases SS-2016-008
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bexp-ws1g-1fdu
4
url VCID-d9he-ahd2-xkde
vulnerability_id VCID-d9he-ahd2-xkde
summary 
Member.Name isn't escaped
The core template `framework/templates/Includes/GridField_print.ss` uses "Printed by $Member.Name". If the currently logged in members first name or surname contain XSS, this prints the raw HTML out, because `Member->getName()` just returns the raw `FirstName + Surname` as a string, which is injected directly.
references
0
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-013/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2016-013/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.1.20
purl pkg:composer/silverstripe/framework@3.1.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-112b-xdzv-auf1
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-upvz-qc95-nua2
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-xhcs-db5g-97fr
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.20
1
url pkg:composer/silverstripe/framework@3.2.5
purl pkg:composer/silverstripe/framework@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.5
2
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
3
url pkg:composer/silverstripe/framework@3.4.1
purl pkg:composer/silverstripe/framework@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-upvz-qc95-nua2
36
vulnerability VCID-v5s9-xp16-2udf
37
vulnerability VCID-vrv4-sy3z-jfe2
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-xazf-vmz5-r3dj
40
vulnerability VCID-xhcs-db5g-97fr
41
vulnerability VCID-ywfx-pjg6-aqcj
42
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1
4
url pkg:composer/silverstripe/framework@4.0.0-alpha1
purl pkg:composer/silverstripe/framework@4.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-k1aa-deyg-2kdg
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-k6ed-y2ud-wffu
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-m2bw-tabk-qyd8
19
vulnerability VCID-mvra-6wnv-xya1
20
vulnerability VCID-nzdu-xh5w-27g7
21
vulnerability VCID-qrhh-c86j-rqe6
22
vulnerability VCID-txyu-4qkf-r3cs
23
vulnerability VCID-x6g5-a61e-3khu
24
vulnerability VCID-ywfx-pjg6-aqcj
25
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1
aliases SS-2016-013
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d9he-ahd2-xkde
5
url VCID-u7hh-49t3-13df
vulnerability_id VCID-u7hh-49t3-13df
summary 
Pre-existing alc_enc cookies log users in if remember me is disabled
If remember me is on and users log in with the box checked, if the developer then disabled "remember me" function, any pre-existing cookies will continue to authenticate users.
references
0
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-014/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2016-014/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.1.20
purl pkg:composer/silverstripe/framework@3.1.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-112b-xdzv-auf1
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-upvz-qc95-nua2
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-xhcs-db5g-97fr
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.20
1
url pkg:composer/silverstripe/framework@3.2.5
purl pkg:composer/silverstripe/framework@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.5
2
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
3
url pkg:composer/silverstripe/framework@3.4.1
purl pkg:composer/silverstripe/framework@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-upvz-qc95-nua2
36
vulnerability VCID-v5s9-xp16-2udf
37
vulnerability VCID-vrv4-sy3z-jfe2
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-xazf-vmz5-r3dj
40
vulnerability VCID-xhcs-db5g-97fr
41
vulnerability VCID-ywfx-pjg6-aqcj
42
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1
4
url pkg:composer/silverstripe/framework@4.0.0-alpha1
purl pkg:composer/silverstripe/framework@4.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-k1aa-deyg-2kdg
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-k6ed-y2ud-wffu
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-m2bw-tabk-qyd8
19
vulnerability VCID-mvra-6wnv-xya1
20
vulnerability VCID-nzdu-xh5w-27g7
21
vulnerability VCID-qrhh-c86j-rqe6
22
vulnerability VCID-txyu-4qkf-r3cs
23
vulnerability VCID-x6g5-a61e-3khu
24
vulnerability VCID-ywfx-pjg6-aqcj
25
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1
aliases SS-2016-014
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7hh-49t3-13df
6
url VCID-uww2-1x5r-ufc6
vulnerability_id VCID-uww2-1x5r-ufc6
summary 
XSS In OptionsetField and CheckboxSetField
List of key / value pairs assigned to `OptionsetField` or `CheckboxSetField` do not have a default casting assigned to them. The effect of this is a potential XSS vulnerability in lists where either key or value contain unescaped HTML.
references
0
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-015/
reference_id
reference_type
scores
url https://www.silverstripe.org/download/security-releases/ss-2016-015/
fixed_packages
0
url pkg:composer/silverstripe/framework@3.1.20
purl pkg:composer/silverstripe/framework@3.1.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-112b-xdzv-auf1
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-tp75-2k7m-6yaw
32
vulnerability VCID-txyu-4qkf-r3cs
33
vulnerability VCID-upvz-qc95-nua2
34
vulnerability VCID-vrv4-sy3z-jfe2
35
vulnerability VCID-x6g5-a61e-3khu
36
vulnerability VCID-xazf-vmz5-r3dj
37
vulnerability VCID-xhcs-db5g-97fr
38
vulnerability VCID-ywfx-pjg6-aqcj
39
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.20
1
url pkg:composer/silverstripe/framework@3.2.5
purl pkg:composer/silverstripe/framework@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.5
2
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-3497-71mw-yqh8
2
vulnerability VCID-4mg2-rjsn-qyfx
3
vulnerability VCID-4qq2-bbj1-8fdb
4
vulnerability VCID-5ccd-zu9e-yfgp
5
vulnerability VCID-7kmy-8ht6-8fcw
6
vulnerability VCID-7uum-b28k-nqbm
7
vulnerability VCID-89jy-34ks-5kds
8
vulnerability VCID-8csb-m7rv-xyh2
9
vulnerability VCID-91wy-94bg-bfc3
10
vulnerability VCID-9vwe-uejx-c3c5
11
vulnerability VCID-adng-1x6w-2baj
12
vulnerability VCID-c3wv-6zpv-zbfg
13
vulnerability VCID-cskj-c9ur-47dj
14
vulnerability VCID-d1ap-2u1x-y7gg
15
vulnerability VCID-d6gt-9mst-dub4
16
vulnerability VCID-djww-2v4e-qkb2
17
vulnerability VCID-eu6p-szkb-m7b1
18
vulnerability VCID-ewqs-8fqc-b3hk
19
vulnerability VCID-fn6y-hytc-r3b5
20
vulnerability VCID-gr5g-7tkc-2kfa
21
vulnerability VCID-k1aa-deyg-2kdg
22
vulnerability VCID-k2xa-uwrr-ffez
23
vulnerability VCID-k6ed-y2ud-wffu
24
vulnerability VCID-kcq9-5h99-abct
25
vulnerability VCID-m2bw-tabk-qyd8
26
vulnerability VCID-mvra-6wnv-xya1
27
vulnerability VCID-nzdu-xh5w-27g7
28
vulnerability VCID-pq7w-n99a-q7cj
29
vulnerability VCID-qrhh-c86j-rqe6
30
vulnerability VCID-tp75-2k7m-6yaw
31
vulnerability VCID-txyu-4qkf-r3cs
32
vulnerability VCID-upvz-qc95-nua2
33
vulnerability VCID-vrv4-sy3z-jfe2
34
vulnerability VCID-x6g5-a61e-3khu
35
vulnerability VCID-xazf-vmz5-r3dj
36
vulnerability VCID-xhcs-db5g-97fr
37
vulnerability VCID-ywfx-pjg6-aqcj
38
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
3
url pkg:composer/silverstripe/framework@3.4.1
purl pkg:composer/silverstripe/framework@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2b81-t1vt-3uar
1
vulnerability VCID-2uck-cp19-v3e9
2
vulnerability VCID-3497-71mw-yqh8
3
vulnerability VCID-4mg2-rjsn-qyfx
4
vulnerability VCID-4qq2-bbj1-8fdb
5
vulnerability VCID-5ccd-zu9e-yfgp
6
vulnerability VCID-7kmy-8ht6-8fcw
7
vulnerability VCID-7uum-b28k-nqbm
8
vulnerability VCID-89jy-34ks-5kds
9
vulnerability VCID-8csb-m7rv-xyh2
10
vulnerability VCID-91wy-94bg-bfc3
11
vulnerability VCID-9vwe-uejx-c3c5
12
vulnerability VCID-adng-1x6w-2baj
13
vulnerability VCID-c3wv-6zpv-zbfg
14
vulnerability VCID-cskj-c9ur-47dj
15
vulnerability VCID-d1ap-2u1x-y7gg
16
vulnerability VCID-d6gt-9mst-dub4
17
vulnerability VCID-djww-2v4e-qkb2
18
vulnerability VCID-eu6p-szkb-m7b1
19
vulnerability VCID-ewqs-8fqc-b3hk
20
vulnerability VCID-fn6y-hytc-r3b5
21
vulnerability VCID-gr5g-7tkc-2kfa
22
vulnerability VCID-k1aa-deyg-2kdg
23
vulnerability VCID-k2xa-uwrr-ffez
24
vulnerability VCID-k6ed-y2ud-wffu
25
vulnerability VCID-kcq9-5h99-abct
26
vulnerability VCID-m2bw-tabk-qyd8
27
vulnerability VCID-mvra-6wnv-xya1
28
vulnerability VCID-nzdu-xh5w-27g7
29
vulnerability VCID-pq7w-n99a-q7cj
30
vulnerability VCID-qrhh-c86j-rqe6
31
vulnerability VCID-s4vd-dw41-wkgn
32
vulnerability VCID-seq6-f1js-u3f3
33
vulnerability VCID-tp75-2k7m-6yaw
34
vulnerability VCID-txyu-4qkf-r3cs
35
vulnerability VCID-upvz-qc95-nua2
36
vulnerability VCID-v5s9-xp16-2udf
37
vulnerability VCID-vrv4-sy3z-jfe2
38
vulnerability VCID-x6g5-a61e-3khu
39
vulnerability VCID-xazf-vmz5-r3dj
40
vulnerability VCID-xhcs-db5g-97fr
41
vulnerability VCID-ywfx-pjg6-aqcj
42
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1
4
url pkg:composer/silverstripe/framework@4.0.0-alpha1
purl pkg:composer/silverstripe/framework@4.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2uck-cp19-v3e9
1
vulnerability VCID-4mg2-rjsn-qyfx
2
vulnerability VCID-4qq2-bbj1-8fdb
3
vulnerability VCID-5ccd-zu9e-yfgp
4
vulnerability VCID-7kmy-8ht6-8fcw
5
vulnerability VCID-8csb-m7rv-xyh2
6
vulnerability VCID-9vwe-uejx-c3c5
7
vulnerability VCID-adng-1x6w-2baj
8
vulnerability VCID-cskj-c9ur-47dj
9
vulnerability VCID-d1ap-2u1x-y7gg
10
vulnerability VCID-d6gt-9mst-dub4
11
vulnerability VCID-djww-2v4e-qkb2
12
vulnerability VCID-ewqs-8fqc-b3hk
13
vulnerability VCID-gr5g-7tkc-2kfa
14
vulnerability VCID-k1aa-deyg-2kdg
15
vulnerability VCID-k2xa-uwrr-ffez
16
vulnerability VCID-k6ed-y2ud-wffu
17
vulnerability VCID-kcq9-5h99-abct
18
vulnerability VCID-m2bw-tabk-qyd8
19
vulnerability VCID-mvra-6wnv-xya1
20
vulnerability VCID-nzdu-xh5w-27g7
21
vulnerability VCID-qrhh-c86j-rqe6
22
vulnerability VCID-txyu-4qkf-r3cs
23
vulnerability VCID-x6g5-a61e-3khu
24
vulnerability VCID-ywfx-pjg6-aqcj
25
vulnerability VCID-yxg1-dz91-ckgs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1
aliases SS-2016-015
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uww2-1x5r-ufc6
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-alpha1