Search for packages
| purl | pkg:composer/silverstripe/framework@4.9.0-alpha1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-11sx-j3x7-gkcr
Aliases: GHSA-74j9-xhqr-6qv3 |
Reflected Cross Site Scripting (XSS) in error message If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message. |
Affected by 0 other vulnerabilities. |
|
VCID-1p79-328x-sueq
Aliases: CVE-2021-41559 GHSA-9fmg-89fx-r33w |
Quadratic blowup in Convert::xml2array() Silverstripe silverstripe/framework 4.x until 4.10.9 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document. |
Affected by 16 other vulnerabilities. Affected by 15 other vulnerabilities. |
|
VCID-24a5-ruc4-bycq
Aliases: CVE-2022-28803 GHSA-rppc-655v-7j3c |
Stored XSS in link tags added via XHR in SilverStripe Framework SilverStripe Framework 4.x prior to 4.10.9 is vulnerable to cross-site scripting inside the href attribute of an HTML hyperlink, which can be added to website content via XMLHttpRequest (XHR) by an authenticated CMS user. |
Affected by 16 other vulnerabilities. |
|
VCID-5cfa-whq6-9ucp
Aliases: CVE-2024-53277 GHSA-ff6q-3c9c-6cf5 |
Silverstripe Framework has a XSS in form messages In some cases, form messages can contain HTML markup. This is an intentional feature, allowing links and other relevant HTML markup for the given message. Some form messages include content that the user can provide. There are scenarios in the CMS where that content doesn't get correctly sanitised prior to being included in the form message, resulting in an XSS vulnerability. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-7gak-15m5-j3f5
Aliases: CVE-2022-38148 GHSA-rr8h-f97q-8p9c |
Blind SQL Injection via GridFieldSortableHeader Gridfield state is vulnerable to SQL injections. The vast majority of Gridfields in Silverstripe CMS are affected by this vulnerability. An attacker with CMS access could execute an arbitrary SQL statement by adding an SQL payload in some parts of the GridField state. |
Affected by 11 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-7w7t-3783-1kbs
Aliases: CVE-2022-37430 GHSA-qw4w-vq8v-2wcv GMS-2022-6857 |
Stored XSS using uppercase characters in HTMLEditor A malicious content author could add a Javascript payload to the href attribute of a link. A similar issue was identified and fixed via CVE-2022-28803. However, the fix didn't account for the casing of the href attribute. An attacker must have access to the CMS to exploit this issue. |
Affected by 11 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-86vg-4j71-hkgr
Aliases: CVE-2024-47605 GHSA-7cmp-cgg8-4c82 |
Silverstripe Framework has a XSS via insert media remote file oembed When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payload to be executed on both the CMS and the front-end of the website. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-8u5c-6vx3-mfcr
Aliases: GHSA-mqf3-qpc3-g26q |
Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message > [!IMPORTANT] > This vulnerability only affects sites which are in the "dev" environment mode. If your production website is in "dev" mode, it has been misconfigured, and you should immediately swap it to "live" mode. > See https://docs.silverstripe.org/en/developer_guides/debugging/environment_types/ for more information. If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-9t4k-8hsz-bfdw
Aliases: CVE-2022-38462 GHSA-vvxf-r4vm-2vm6 GMS-2022-6858 |
Reflected XSS in querystring parameters An attacker could inject a XSS payload in a Silverstripe CMS response by carefully crafting a return URL on a /dev/build or /Security/login request. To exploit this vulnerability, an attacker would need to convince a user to follow a link with a malicious payload. This will only affect projects configured to output PHP warnings to the browser. By default, Silverstripe CMS will only output PHP warnings if your SS_ENVIRONMENT_TYPE environment variable is set to dev. Production sites should always set SS_ENVIRONMENT_TYPE to live. |
Affected by 11 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-9y5u-qyzd-3ud9
Aliases: CVE-2023-48714 GHSA-qm2j-qvq3-j29v |
Exposure of Sensitive Information to an Unauthorized Actor Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions 4.13.39 and 5.1.11 contain a fix for this issue. |
Affected by 6 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-a7cf-kpzy-xudd
Aliases: CVE-2023-22729 GHSA-fw84-xgm8-9jmv |
URL Redirection to Untrusted Site ('Open Redirect') Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue. |
Affected by 8 other vulnerabilities. |
|
VCID-ca4q-xd4v-vqfe
Aliases: CVE-2022-38724 GHSA-9cx2-hj6m-fv58 GMS-2022-6853 GMS-2022-6856 |
Silverstripe XSS in shortcodes A malicious content author could add arbitrary attributes to HTML editor shortcodes which could be used to inject a JavaScript payload on the front end of the site. The shortcode providers that ship with Silverstripe CMS have been reviewed and attribute whitelists have been implemented where appropriate to negate this risk. |
Affected by 11 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-fmfu-81xu-pfdy
Aliases: CVE-2022-25238 GHSA-jx34-gqqq-r6gm |
Stored XSS via HTML fields in SilverStripe Framework SilverStripe Framework through 4.10.8 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitise_server_side contig is not set to true in project code. |
Affected by 16 other vulnerabilities. |
|
VCID-gnpw-s9hp-wqfs
Aliases: CVE-2023-32302 GHSA-36xx-7vf6-7mv3 |
Improper Input Validation Silverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13. |
Affected by 7 other vulnerabilities. Affected by 7 other vulnerabilities. |
|
VCID-hcuz-gz3w-97ew
Aliases: CVE-2022-0227 GHSA-32m2-9f76-4gv8 |
Business Logic Errors in GitHub repository silverstripe/silverstripe-framework |
Affected by 19 other vulnerabilities. |
|
VCID-k46z-g6jp-57ek
Aliases: GHSA-52cw-pvq9-9m5v |
Silverstripe uses TinyMCE which allows svg files linked in object tags TinyMCE v6 has a configuration value `convert_unsafe_embeds` set to `false` which allows svg files containing javascript to be used in `<object>` or `<embed>` tags, which can be used as a vector for XSS attacks. Note that `<embed>` tags are not allowed by default. After patching the default value of `convert_unsafe_embeds` will be set to `true`. This means that `<object>` tags will be converted to iframes instead the next time the page is saved, which may break any pages that rely upon previously saved `<object>` tags. Developers can override this configuration if desired to revert to the original behaviour. We reviewed the potential impact of this vulnerability within the context of Silverstripe CMS. We concluded this is a medium impact vulnerability given how TinyMCE is used by Silverstripe CMS. |
Affected by 4 other vulnerabilities. |
|
VCID-ky21-z2d2-sye6
Aliases: CVE-2024-32981 GHSA-chx7-9x8h-r5mg |
Silverstripe Framework has a Cross-site Scripting vulnerability with encoded payload A bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitised on the client-side, but server-side sanitisation doesn't catch it. The server-side sanitisation logic has been updated to sanitise against this type of attack. |
Affected by 4 other vulnerabilities. |
|
VCID-uy47-3s8a-hbdn
Aliases: CVE-2022-37421 GHSA-pp74-g2q5-j4jf GMS-2022-6855 |
Silverstipe CMS Stored XSS in custom meta tags A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut. This requires CMS access to exploit. |
Affected by 15 other vulnerabilities. |
|
VCID-xm4q-u96p-57dd
Aliases: CVE-2022-37429 GHSA-wc6r-4ggc-79w5 GMS-2022-6859 |
Stored XSS using HTMLEditor A malicious content author could add a JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters. An attacker must have access to the CMS to exploit this issue. |
Affected by 11 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-zdge-zsmz-8ud9
Aliases: CVE-2023-22728 GHSA-jh3w-6jp2-vqqm |
Missing Authorization Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue. |
Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-n4fk-735u-2baw | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') SilverStripe Framework suffers from a XSS vulnerablity. |
CVE-2021-36150
GHSA-j66h-cc96-c32q |