VulnerableCode Package Details - pkg:composer/silverstripe/userforms@5.4.2

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-dc9y-v257-6bhf	SilverStripe Folders migrated from 3.x may be unsafe to upload to In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x.	CVE-2020-9280 GHSA-592m-4533-rxq9

Vulnerability

Summary

Aliases

VCID-dc9y-v257-6bhf

SilverStripe Folders migrated from 3.x may be unsafe to upload to In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x.

CVE-2020-9280
GHSA-592m-4533-rxq9

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:56:43.085897+00:00	GitLab Importer	Fixing	VCID-dc9y-v257-6bhf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/userforms/CVE-2020-9280.yml	38.4.0
2026-04-11T23:12:05.780517+00:00	GitLab Importer	Fixing	VCID-dc9y-v257-6bhf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/userforms/CVE-2020-9280.yml	38.3.0
2026-04-04T14:32:33.395643+00:00	GHSA Importer	Fixing	VCID-dc9y-v257-6bhf	https://github.com/advisories/GHSA-592m-4533-rxq9	38.1.0
2026-04-02T23:20:28.619116+00:00	GitLab Importer	Fixing	VCID-dc9y-v257-6bhf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/userforms/CVE-2020-9280.yml	38.1.0
2026-04-01T17:41:05.164975+00:00	GitLab Importer	Fixing	VCID-dc9y-v257-6bhf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/userforms/CVE-2020-9280.yml	38.0.0
2026-04-01T13:09:20.871047+00:00	GithubOSV Importer	Fixing	VCID-dc9y-v257-6bhf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-592m-4533-rxq9/GHSA-592m-4533-rxq9.json	38.0.0