Search for packages
| purl | pkg:composer/silverstripe/framework@4.0.0-alpha1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1p79-328x-sueq
Aliases: CVE-2021-41559 GHSA-9fmg-89fx-r33w |
Quadratic blowup in Convert::xml2array() Silverstripe silverstripe/framework 4.x until 4.10.9 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document. |
Affected by 9 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-7hxq-cp29-r7dh
Aliases: CVE-2019-14272 GHSA-jgw2-f5mx-rg7h |
Cross-site Scripting In SilverStripe asset-admin, there is XSS in file titles managed through the CMS. |
Affected by 28 other vulnerabilities. Affected by 28 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 21 other vulnerabilities. |
|
VCID-a7cf-kpzy-xudd
Aliases: CVE-2023-22729 GHSA-fw84-xgm8-9jmv |
URL Redirection to Untrusted Site ('Open Redirect') Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue. |
Affected by 1 other vulnerability. |
|
VCID-b6nm-cphj-wfgw
Aliases: CVE-2019-12617 GHSA-6r58-4xgr-gm6m |
Improper Privilege Management In SilverStripe, there is access escalation for CMS users with limited access through permission cache pollution. |
Affected by 21 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 21 other vulnerabilities. |
|
VCID-cmwn-cjff-9qau
Aliases: CVE-2019-12203 GHSA-w7r7-r8r9-vrg2 |
Session Fixation SilverStripe allows session fixation in the "change password" form. |
Affected by 21 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 21 other vulnerabilities. |
|
VCID-gnpw-s9hp-wqfs
Aliases: CVE-2023-32302 GHSA-36xx-7vf6-7mv3 |
Improper Input Validation Silverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-hcuz-gz3w-97ew
Aliases: CVE-2022-0227 GHSA-32m2-9f76-4gv8 |
Business Logic Errors in GitHub repository silverstripe/silverstripe-framework |
Affected by 12 other vulnerabilities. |
|
VCID-mkex-ht2r-cucz
Aliases: CVE-2019-14273 GHSA-43jj-2rwc-2m3f |
Files or Directories Accessible to External Parties In SilverStripe, there is broken access control on files. |
Affected by 28 other vulnerabilities. Affected by 28 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 21 other vulnerabilities. |
|
VCID-n4fk-735u-2baw
Aliases: CVE-2021-36150 GHSA-j66h-cc96-c32q |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') SilverStripe Framework suffers from a XSS vulnerablity. |
Affected by 13 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-nute-ndg2-z7ev
Aliases: CVE-2019-12205 GHSA-rfvw-5848-gxc5 |
Cross-site Scripting SilverStripe has Flash Clipboard Reflected XSS. |
Affected by 21 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 21 other vulnerabilities. |
|
VCID-qmfy-dxag-uuex
Aliases: CVE-2020-26136 GHSA-mg2g-8pwj-r2j2 |
Improper Authentication In SilverStripe, GraphQL does not honour MFA (multi-factor authentication) when using basic authentication. |
Affected by 14 other vulnerabilities. |
|
VCID-r1eg-dwej-5kau
Aliases: CVE-2019-12437 GHSA-fx37-56v6-85q6 |
Cross-Site Request Forgery (CSRF) Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL. |
Affected by 21 other vulnerabilities. |
|
VCID-tv7h-289s-xub4
Aliases: CVE-2020-25817 GHSA-3vjc-5x79-m9r8 |
Improper Restriction of XML External Entity Reference SilverStripe has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External Entity (XXE) attacks. When this developer utility is misused for purposes involving external or user submitted data in custom project code, it can lead to vulnerabilities such as XSS on HTML output rendered through this custom code. This is now mitigated by disabling external entities during parsing. |
Affected by 14 other vulnerabilities. Affected by 14 other vulnerabilities. |
|
VCID-uy47-3s8a-hbdn
Aliases: CVE-2022-37421 GHSA-pp74-g2q5-j4jf GMS-2022-6855 |
Silverstipe CMS Stored XSS in custom meta tags A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut. This requires CMS access to exploit. |
Affected by 8 other vulnerabilities. |
|
VCID-wgdv-etcq-3qhw
Aliases: CVE-2020-26138 GHSA-7mv4-4xpg-xq44 |
Improper Input Validation In SilverStripe, a FormField with square brackets in the field name skips validation. |
Affected by 14 other vulnerabilities. Affected by 14 other vulnerabilities. |
|
VCID-xg74-3h1h-kqaf
Aliases: CVE-2019-12246 GHSA-5fr8-xhqq-4p3q |
Uncontrolled Resource Consumption SilverStripe allows a Denial of Service on flush and development URL tools. |
Affected by 21 other vulnerabilities. Affected by 26 other vulnerabilities. |
|
VCID-y8et-m846-2fc6
Aliases: CVE-2019-12245 GHSA-jvx5-rm6q-gx7p |
Information Exposure SilverStripe has incorrect access control for protected files uploaded via `Upload::loadIntoFile()`. An attacker may be able to guess a filename in `silverstripe/assets` via the `AssetControlExtension`. |
Affected by 21 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 21 other vulnerabilities. |
|
VCID-zdge-zsmz-8ud9
Aliases: CVE-2023-22728 GHSA-jh3w-6jp2-vqqm |
Missing Authorization Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-3svb-wudn-aybz | VersionedRequestFilter vulnerability A cross-site scripting vulnerability in `VersionedRequestFilter` has been found. If an incoming user request should not be able to access the requested stage, an error message is created for display on the CMS login page that they are redirected to. In this error message, the URL of the requested page is interpolated into the error message without being escaped; hence, arbitrary HTML can be injected into the CMS login page. |
SS-2016-007
|
| VCID-7ek4-6y31-1qcs | Pre-existing alc_enc cookies log users in if remember me is disabled If remember me is on and users log in with the box checked, if the developer then disabled "remember me" function, any pre-existing cookies will continue to authenticate users. |
SS-2016-014
|
| VCID-at1s-qxsg-5yfs | XSS In OptionsetField and CheckboxSetField List of key / value pairs assigned to `OptionsetField` or `CheckboxSetField` do not have a default casting assigned to them. The effect of this is a potential XSS vulnerability in lists where either key or value contain unescaped HTML. |
SS-2016-015
|
| VCID-c437-w2zy-y7c9 | ChangePasswordForm doesn't check Member::canLogIn() After performing a password reset, `ChangePasswordForm::doChangePassword()` logs in the user without checking `Member::canLogIn()`. This presents an issue for sites that are using the extension point in that method to deny access to users (for example members that have not been “approved”, or members that have had their access revoked temporarily). It looks like `Member::canLogIn()` was originally designed to only be used for checking whether the user is locked out (due to too many incorrect login attempts) but has been opened up to other uses. |
SS-2016-011
|
| VCID-ewg1-jqza-eyez | Member.Name isn't escaped The core template `framework/templates/Includes/GridField_print.ss` uses "Printed by $Member.Name". If the currently logged in members first name or surname contain XSS, this prints the raw HTML out, because `Member->getName()` just returns the raw `FirstName + Surname` as a string, which is injected directly. |
SS-2016-013
|
| VCID-gkkp-9fm7-jfaz | Missing ACL on reports The `SS_Report`, and the reports CMS section only checks `canView()` when listing the reports that can be viewed by the current user. It does not (and should) perform `canView` checks when the report is actually viewed, so if you know the URL to a report and can otherwise access the Reports section of the CMS, you can view any report. |
SS-2016-012
|
| VCID-z28b-1yrx-1bbn | Password encryption salt expiry When a user changes their password, the internal salt used for hashing their password is not updated. |
SS-2016-008
|