{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","type":"composer","namespace":"silverstripe","name":"framework","version":"4.12.0-rc1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.3.23","latest_non_vulnerable_version":"6.0.0-alpha1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56522?format=json","vulnerability_id":"VCID-11sx-j3x7-gkcr","summary":"Reflected Cross Site Scripting (XSS) in error message\nIf a website has been set to the \"dev\" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2024-002","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2024-002"},{"reference_url":"https://github.com/advisories/GHSA-74j9-xhqr-6qv3","reference_id":"GHSA-74j9-xhqr-6qv3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-74j9-xhqr-6qv3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83724?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-79qx-v5uu-jyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"}],"aliases":["GHSA-74j9-xhqr-6qv3"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11sx-j3x7-gkcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57120?format=json","vulnerability_id":"VCID-2hk2-hzyh-wbhf","summary":"Silverstripe Framework user enumeration via timing attack on login and password reset forms\nUser enumeration is possible by performing a timing attack on the login or password reset pages with user credentials.\n\nThis was originally disclosed in https://www.silverstripe.org/download/security-releases/ss-2017-005/ for CMS 3 but was not patched in CMS 4+","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2025-001.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2025-001.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/pull/11681","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/pull/11681"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2017-005","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2017-005"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2025-001","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2025-001"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12849","reference_id":"CVE-2017-12849","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12849"},{"reference_url":"https://github.com/advisories/GHSA-256q-hx8w-xcqx","reference_id":"GHSA-256q-hx8w-xcqx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-256q-hx8w-xcqx"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-256q-hx8w-xcqx","reference_id":"GHSA-256q-hx8w-xcqx","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-256q-hx8w-xcqx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84817?format=json","purl":"pkg:composer/silverstripe/framework@5.3.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.23"}],"aliases":["GHSA-256q-hx8w-xcqx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2hk2-hzyh-wbhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56456?format=json","vulnerability_id":"VCID-5cfa-whq6-9ucp","summary":"Silverstripe Framework has a XSS in form messages\nIn some cases, form messages can contain HTML markup. This is an intentional feature, allowing links and other relevant HTML markup for the given message.\n\nSome form messages include content that the user can provide. There are scenarios in the CMS where that content doesn't get correctly sanitised prior to being included in the form message, resulting in an XSS vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53277","reference_id":"","reference_type":"","scores":[{"value":"0.01452","scoring_system":"epss","scoring_elements":"0.8117","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01452","scoring_system":"epss","scoring_elements":"0.81173","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01452","scoring_system":"epss","scoring_elements":"0.81169","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53277"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53277","reference_id":"CVE-2024-53277","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53277"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2024-53277","reference_id":"CVE-2024-53277","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2024-53277"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml","reference_id":"CVE-2024-53277.YAML","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml"},{"reference_url":"https://github.com/advisories/GHSA-ff6q-3c9c-6cf5","reference_id":"GHSA-ff6q-3c9c-6cf5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-ff6q-3c9c-6cf5"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5","reference_id":"GHSA-ff6q-3c9c-6cf5","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83724?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-79qx-v5uu-jyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/794824?format=json","purl":"pkg:composer/silverstripe/framework@6.0.0-alpha1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1"}],"aliases":["CVE-2024-53277","GHSA-ff6q-3c9c-6cf5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5cfa-whq6-9ucp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57123?format=json","vulnerability_id":"VCID-79qx-v5uu-jyf2","summary":"Silverstripe Framework has a XSS vulnerability in HTML editor\nA bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitised on the client-side, but server-side sanitisation doesn't catch it.\n\nThe server-side sanitisation logic has been updated to sanitise against this attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30148","reference_id":"","reference_type":"","scores":[{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45229","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45211","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45231","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30148"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/pull/11682","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/pull/11682"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-30148","reference_id":"CVE-2025-30148","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-30148"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2025-30148","reference_id":"CVE-2025-30148","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2025-30148"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml","reference_id":"CVE-2025-30148.YAML","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml"},{"reference_url":"https://github.com/advisories/GHSA-rhx4-hvx9-j387","reference_id":"GHSA-rhx4-hvx9-j387","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rhx4-hvx9-j387"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387","reference_id":"GHSA-rhx4-hvx9-j387","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84817?format=json","purl":"pkg:composer/silverstripe/framework@5.3.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.23"}],"aliases":["CVE-2025-30148","GHSA-rhx4-hvx9-j387"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-79qx-v5uu-jyf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56468?format=json","vulnerability_id":"VCID-86vg-4j71-hkgr","summary":"Silverstripe Framework has a XSS via insert media remote file oembed\nWhen using the \"insert media\" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payload to be executed on both the CMS and the front-end of the website.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47605","reference_id":"","reference_type":"","scores":[{"value":"0.07112","scoring_system":"epss","scoring_elements":"0.91696","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07112","scoring_system":"epss","scoring_elements":"0.917","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07112","scoring_system":"epss","scoring_elements":"0.91697","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47605"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt","reference_id":"CVE-2024-47605","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47605","reference_id":"CVE-2024-47605","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47605"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2024-47605","reference_id":"CVE-2024-47605","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2024-47605"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml","reference_id":"CVE-2024-47605.YAML","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml"},{"reference_url":"https://github.com/advisories/GHSA-7cmp-cgg8-4c82","reference_id":"GHSA-7cmp-cgg8-4c82","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7cmp-cgg8-4c82"},{"reference_url":"https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82","reference_id":"GHSA-7cmp-cgg8-4c82","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/"}],"url":"https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83724?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-79qx-v5uu-jyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/794824?format=json","purl":"pkg:composer/silverstripe/framework@6.0.0-alpha1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1"}],"aliases":["CVE-2024-47605","GHSA-7cmp-cgg8-4c82"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-86vg-4j71-hkgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56477?format=json","vulnerability_id":"VCID-8u5c-6vx3-mfcr","summary":"Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message\n> [!IMPORTANT]\n> This vulnerability only affects sites which are in the \"dev\" environment mode. If your production website is in \"dev\" mode, it has been misconfigured, and you should immediately swap it to \"live\" mode.\n> See https://docs.silverstripe.org/en/developer_guides/debugging/environment_types/ for more information.\n\nIf a website has been set to the \"dev\" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.","references":[{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2024-002","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2024-002"},{"reference_url":"https://github.com/advisories/GHSA-mqf3-qpc3-g26q","reference_id":"GHSA-mqf3-qpc3-g26q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mqf3-qpc3-g26q"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q","reference_id":"GHSA-mqf3-qpc3-g26q","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83724?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-79qx-v5uu-jyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/794824?format=json","purl":"pkg:composer/silverstripe/framework@6.0.0-alpha1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1"}],"aliases":["GHSA-mqf3-qpc3-g26q"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8u5c-6vx3-mfcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46874?format=json","vulnerability_id":"VCID-9y5u-qyzd-3ud9","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nSilverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions 4.13.39 and 5.1.11 contain a fix for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48714","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45462","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45482","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45478","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48714"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48714","reference_id":"CVE-2023-48714","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48714"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2023-48714","reference_id":"CVE-2023-48714","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/"}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2023-48714"},{"reference_url":"https://github.com/advisories/GHSA-qm2j-qvq3-j29v","reference_id":"GHSA-qm2j-qvq3-j29v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qm2j-qvq3-j29v"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v","reference_id":"GHSA-qm2j-qvq3-j29v","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68579?format=json","purl":"pkg:composer/silverstripe/framework@4.13.39","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.39"},{"url":"http://public2.vulnerablecode.io/api/packages/68580?format=json","purl":"pkg:composer/silverstripe/framework@5.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.1.11"}],"aliases":["CVE-2023-48714","GHSA-qm2j-qvq3-j29v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9y5u-qyzd-3ud9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45052?format=json","vulnerability_id":"VCID-a7cf-kpzy-xudd","summary":"URL Redirection to Untrusted Site ('Open Redirect')\nSilverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22729","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42323","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42248","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42307","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42334","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22729"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2023-22729","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2023-22729"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22729","reference_id":"CVE-2023-22729","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22729"},{"reference_url":"https://github.com/advisories/GHSA-fw84-xgm8-9jmv","reference_id":"GHSA-fw84-xgm8-9jmv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fw84-xgm8-9jmv"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv","reference_id":"GHSA-fw84-xgm8-9jmv","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64977?format=json","purl":"pkg:composer/silverstripe/framework@4.12.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5"}],"aliases":["CVE-2023-22729","GHSA-fw84-xgm8-9jmv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7cf-kpzy-xudd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45758?format=json","vulnerability_id":"VCID-gnpw-s9hp-wqfs","summary":"Improper Input Validation\nSilverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13.","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml"},{"reference_url":"https://github.com/github/advisory-database/pull/2575","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/pull/2575"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2023-32302","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2023-32302"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32302","reference_id":"CVE-2023-32302","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32302"},{"reference_url":"https://github.com/advisories/GHSA-36xx-7vf6-7mv3","reference_id":"GHSA-36xx-7vf6-7mv3","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-36xx-7vf6-7mv3"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3","reference_id":"GHSA-36xx-7vf6-7mv3","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66345?format=json","purl":"pkg:composer/silverstripe/framework@4.13.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.14"},{"url":"http://public2.vulnerablecode.io/api/packages/66346?format=json","purl":"pkg:composer/silverstripe/framework@5.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.0.13"}],"aliases":["CVE-2023-32302","GHSA-36xx-7vf6-7mv3"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gnpw-s9hp-wqfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55532?format=json","vulnerability_id":"VCID-k46z-g6jp-57ek","summary":"Silverstripe uses TinyMCE which allows svg files linked in object tags\nTinyMCE v6 has a configuration value `convert_unsafe_embeds` set to `false` which allows svg files containing javascript to be used in `<object>` or `<embed>` tags, which can be used as a vector for XSS attacks.\n\nNote that `<embed>` tags are not allowed by default.\n\nAfter patching the default value of `convert_unsafe_embeds` will be set to `true`. This means that `<object>` tags will be converted to iframes instead the next time the page is saved, which may break any pages that rely upon previously saved `<object>` tags. Developers can override this configuration if desired to revert to the original behaviour.\n\nWe reviewed the potential impact of this vulnerability within the context of Silverstripe CMS. We concluded this is a medium impact vulnerability given how TinyMCE is used by Silverstripe CMS.","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2024-001","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2024-001"},{"reference_url":"https://github.com/advisories/GHSA-52cw-pvq9-9m5v","reference_id":"GHSA-52cw-pvq9-9m5v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-52cw-pvq9-9m5v"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v","reference_id":"GHSA-52cw-pvq9-9m5v","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v"},{"reference_url":"https://github.com/advisories/GHSA-5359-pvf2-pw78","reference_id":"GHSA-5359-pvf2-pw78","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5359-pvf2-pw78"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82195?format=json","purl":"pkg:composer/silverstripe/framework@5.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16"}],"aliases":["GHSA-52cw-pvq9-9m5v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k46z-g6jp-57ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55529?format=json","vulnerability_id":"VCID-ky21-z2d2-sye6","summary":"Silverstripe Framework has a Cross-site Scripting vulnerability with encoded payload\nA bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitised on the client-side, but server-side sanitisation doesn't catch it.\n\nThe server-side sanitisation logic has been updated to sanitise against this type of attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32981","reference_id":"","reference_type":"","scores":[{"value":"0.0105","scoring_system":"epss","scoring_elements":"0.7791","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0105","scoring_system":"epss","scoring_elements":"0.77907","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0105","scoring_system":"epss","scoring_elements":"0.77917","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32981"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32981","reference_id":"CVE-2024-32981","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32981"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2024-32981","reference_id":"CVE-2024-32981","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2024-32981"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml","reference_id":"CVE-2024-32981.YAML","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml"},{"reference_url":"https://github.com/advisories/GHSA-chx7-9x8h-r5mg","reference_id":"GHSA-chx7-9x8h-r5mg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-chx7-9x8h-r5mg"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg","reference_id":"GHSA-chx7-9x8h-r5mg","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82195?format=json","purl":"pkg:composer/silverstripe/framework@5.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16"}],"aliases":["CVE-2024-32981","GHSA-chx7-9x8h-r5mg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ky21-z2d2-sye6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45062?format=json","vulnerability_id":"VCID-zdge-zsmz-8ud9","summary":"Missing Authorization\nSilverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22728","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17315","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17279","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17318","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1724","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22728"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2023-22728","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2023-22728"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22728","reference_id":"CVE-2023-22728","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22728"},{"reference_url":"https://github.com/advisories/GHSA-jh3w-6jp2-vqqm","reference_id":"GHSA-jh3w-6jp2-vqqm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jh3w-6jp2-vqqm"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm","reference_id":"GHSA-jh3w-6jp2-vqqm","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64977?format=json","purl":"pkg:composer/silverstripe/framework@4.12.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5"}],"aliases":["CVE-2023-22728","GHSA-jh3w-6jp2-vqqm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdge-zsmz-8ud9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37828?format=json","vulnerability_id":"VCID-3snr-vtda-jqdj","summary":"Cross-site Scripting\nXSS In rewritten hash links.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-009-xss-in-rewritten-hash-links/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-009-xss-in-rewritten-hash-links/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52217?format=json","purl":"pkg:composer/silverstripe/framework@3.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/200782?format=json","purl":"pkg:composer/silverstripe/framework@3.1.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/51943?format=json","purl":"pkg:composer/silverstripe/framework@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-puvt-j32v-77eh"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-ue4x-s1c4-zkcz"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-009-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3snr-vtda-jqdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37943?format=json","vulnerability_id":"VCID-4n9x-x4kd-jyfu","summary":"XSS vulnerability in form field validation\nA high level XSS risk has been identified in the encoding of validation messages in certain FormField classes. Certain fields such as the `NumericField` and `DropdownField` have been identified, but any form field which presents any invalid content as a part of its validation response will be at risk.","references":[{"reference_url":"http://www.silverstripe.org/download/security-releases/ss-2015-026/","reference_id":"","reference_type":"","scores":[],"url":"http://www.silverstripe.org/download/security-releases/ss-2015-026/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52403?format=json","purl":"pkg:composer/silverstripe/framework@3.1.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.16"},{"url":"http://public2.vulnerablecode.io/api/packages/201700?format=json","purl":"pkg:composer/silverstripe/framework@3.2.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/52397?format=json","purl":"pkg:composer/silverstripe/framework@3.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-026"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4n9x-x4kd-jyfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52270?format=json","vulnerability_id":"VCID-5dt7-nc8t-nqgh","summary":"Cross-site Scripting\nSilverStripe allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through non-scalar `FormField` attributes, which allows performing XSS (Cross-Site Scripting) on some forms built with user input (Request data). This can lead to phishing attempts to obtain a user's credentials or other sensitive user input.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19325","reference_id":"","reference_type":"","scores":[{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58427","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58436","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.5838","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19325"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-19325.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-19325.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/49fda52b12ba59f0a04bcabf78425586a8779e89","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/49fda52b12ba59f0a04bcabf78425586a8779e89"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19325","reference_id":"CVE-2019-19325","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19325"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-19325","reference_id":"CVE-2019-19325","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-19325"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-19325/","reference_id":"CVE-2019-19325","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-19325/"},{"reference_url":"https://github.com/advisories/GHSA-qvrv-2x7x-78x2","reference_id":"GHSA-qvrv-2x7x-78x2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qvrv-2x7x-78x2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/76708?format=json","purl":"pkg:composer/silverstripe/framework@4.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-24a5-ruc4-bycq"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7gak-15m5-j3f5"},{"vulnerability":"VCID-7w7t-3783-1kbs"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9t4k-8hsz-bfdw"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-ca4q-xd4v-vqfe"},{"vulnerability":"VCID-fmfu-81xu-pfdy"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xm4q-u96p-57dd"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/249187?format=json","purl":"pkg:composer/silverstripe/framework@4.5.0-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-24a5-ruc4-bycq"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7gak-15m5-j3f5"},{"vulnerability":"VCID-7w7t-3783-1kbs"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9t4k-8hsz-bfdw"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-ca4q-xd4v-vqfe"},{"vulnerability":"VCID-fmfu-81xu-pfdy"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xm4q-u96p-57dd"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.5.0-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/76709?format=json","purl":"pkg:composer/silverstripe/framework@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-24a5-ruc4-bycq"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7gak-15m5-j3f5"},{"vulnerability":"VCID-7w7t-3783-1kbs"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9t4k-8hsz-bfdw"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-ca4q-xd4v-vqfe"},{"vulnerability":"VCID-fmfu-81xu-pfdy"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xm4q-u96p-57dd"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["CVE-2019-19325","GHSA-qvrv-2x7x-78x2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dt7-nc8t-nqgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37806?format=json","vulnerability_id":"VCID-8jxx-tgck-fuf1","summary":"Cross-site Scripting\nXSS In GridField print.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-006/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-006/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52151?format=json","purl":"pkg:composer/silverstripe/framework@3.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3snr-vtda-jqdj"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-7j9y-p9s4-y7bg"},{"vulnerability":"VCID-7u7w-z8e3-aygf"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-8xwp-xd3k-fqaz"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-cscn-9erz-dfh1"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-kgf1-m5hq-1yay"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-puvt-j32v-77eh"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-ue4x-s1c4-zkcz"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-006-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jxx-tgck-fuf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37802?format=json","vulnerability_id":"VCID-8wmb-64qq-7uh2","summary":"Cross-site Scripting\nXSS In FormAction.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-007/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-007/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52151?format=json","purl":"pkg:composer/silverstripe/framework@3.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3snr-vtda-jqdj"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-7j9y-p9s4-y7bg"},{"vulnerability":"VCID-7u7w-z8e3-aygf"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-8xwp-xd3k-fqaz"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-cscn-9erz-dfh1"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-kgf1-m5hq-1yay"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-puvt-j32v-77eh"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-ue4x-s1c4-zkcz"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-007-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wmb-64qq-7uh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37827?format=json","vulnerability_id":"VCID-8xwp-xd3k-fqaz","summary":"IE requests issue\nIE requests not properly behaving with `rewritehashlinks`.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2014-015-ie-requests-not-properly-behaving-with-rewritehashlinks/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2014-015-ie-requests-not-properly-behaving-with-rewritehashlinks/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52217?format=json","purl":"pkg:composer/silverstripe/framework@3.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/200782?format=json","purl":"pkg:composer/silverstripe/framework@3.1.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/51943?format=json","purl":"pkg:composer/silverstripe/framework@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-puvt-j32v-77eh"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-ue4x-s1c4-zkcz"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2014-015-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xwp-xd3k-fqaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37941?format=json","vulnerability_id":"VCID-h4k6-fruf-uqff","summary":"Insufficient sanitization in \"Add from URL\"\n\"Add from URL\" does not clearly sanitize URL server side in `HtmlEditorField_Toolbar`. The current logic will pass this through to Oembed, which will probably reject most dangerous URLs, but it's possible future changes would break this.","references":[{"reference_url":"http://www.silverstripe.org/download/security-releases/ss-2015-027/","reference_id":"","reference_type":"","scores":[],"url":"http://www.silverstripe.org/download/security-releases/ss-2015-027/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52397?format=json","purl":"pkg:composer/silverstripe/framework@3.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-027"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4k6-fruf-uqff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38031?format=json","vulnerability_id":"VCID-hnhv-qx7p-wqcw","summary":"Cross-Site Request Forgery (CSRF)\nCSRF vulnerability in `GridFieldAddExistingAutocompleter`.","references":[{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2016-002/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/ss-2016-002/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52530?format=json","purl":"pkg:composer/silverstripe/framework@3.1.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.17"},{"url":"http://public2.vulnerablecode.io/api/packages/201700?format=json","purl":"pkg:composer/silverstripe/framework@3.2.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/52531?format=json","purl":"pkg:composer/silverstripe/framework@3.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3svb-wudn-aybz"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2016-002-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hnhv-qx7p-wqcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37826?format=json","vulnerability_id":"VCID-kgf1-m5hq-1yay","summary":"Cross-site Scripting\nXSS in `Director::force_redirect()`.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-010-xss-in-directorforce-redirect/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-010-xss-in-directorforce-redirect/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/51943?format=json","purl":"pkg:composer/silverstripe/framework@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-puvt-j32v-77eh"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-ue4x-s1c4-zkcz"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-010-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgf1-m5hq-1yay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37939?format=json","vulnerability_id":"VCID-nu3h-nb1g-67bs","summary":"Improper Input Validation\n`HtmlEditor` improper URL sanitisation.","references":[{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2015-027/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/ss-2015-027/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52397?format=json","purl":"pkg:composer/silverstripe/framework@3.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-027-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nu3h-nb1g-67bs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37804?format=json","vulnerability_id":"VCID-rmsa-pfr6-zkg3","summary":"Cross-site Scripting\nTreeDropdownField and TreeMultiSelectField XSS.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-004/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52151?format=json","purl":"pkg:composer/silverstripe/framework@3.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3snr-vtda-jqdj"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-7j9y-p9s4-y7bg"},{"vulnerability":"VCID-7u7w-z8e3-aygf"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-8xwp-xd3k-fqaz"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-cscn-9erz-dfh1"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-kgf1-m5hq-1yay"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-puvt-j32v-77eh"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-ue4x-s1c4-zkcz"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-004-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rmsa-pfr6-zkg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38030?format=json","vulnerability_id":"VCID-rrmd-ud59-ffbp","summary":"Improper Authentication\n'Missing security check on `dev/build/defaults`.","references":[{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2015-028/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/ss-2015-028/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52530?format=json","purl":"pkg:composer/silverstripe/framework@3.1.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.17"},{"url":"http://public2.vulnerablecode.io/api/packages/201700?format=json","purl":"pkg:composer/silverstripe/framework@3.2.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/52531?format=json","purl":"pkg:composer/silverstripe/framework@3.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3svb-wudn-aybz"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-028-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrmd-ud59-ffbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37735?format=json","vulnerability_id":"VCID-u6za-xw77-8kgx","summary":"Uncontrolled Resource Consumption\nXML Quadratic Blowup vulnerability.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2014-017-xml-quadratic-blowup-attack/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2014-017-xml-quadratic-blowup-attack/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/51943?format=json","purl":"pkg:composer/silverstripe/framework@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-5ztp-wmty-aybx"},{"vulnerability":"VCID-78b6-1v3w-qfc3"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7bpb-cgj3-b7ay"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-puvt-j32v-77eh"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-ue4x-s1c4-zkcz"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-uyxp-7fh1-77cg"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-wmfv-vtnz-bkad"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2014-017-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u6za-xw77-8kgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37857?format=json","vulnerability_id":"VCID-uyxp-7fh1-77cg","summary":"Code Injection\nVulnerability on `isDev`, `isTest` and `flush` `$_GET` validation.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-014/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-014/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52279?format=json","purl":"pkg:composer/silverstripe/framework@3.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/200782?format=json","purl":"pkg:composer/silverstripe/framework@3.1.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/52280?format=json","purl":"pkg:composer/silverstripe/framework@3.1.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.13"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-014-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uyxp-7fh1-77cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38032?format=json","vulnerability_id":"VCID-vatm-1vbd-bfam","summary":"SS-2016-003: Hostname, IP and Protocol Spoofing through HTTP Headers","references":[{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2016-003/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/ss-2016-003/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52530?format=json","purl":"pkg:composer/silverstripe/framework@3.1.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.17"},{"url":"http://public2.vulnerablecode.io/api/packages/201700?format=json","purl":"pkg:composer/silverstripe/framework@3.2.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/52531?format=json","purl":"pkg:composer/silverstripe/framework@3.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3svb-wudn-aybz"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2016-003-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vatm-1vbd-bfam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37855?format=json","vulnerability_id":"VCID-wmfv-vtnz-bkad","summary":"Potential SQL Injection Vulnerability in silverstripe.","references":[{"reference_url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-011/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/software/download/security-releases/ss-2015-011/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52279?format=json","purl":"pkg:composer/silverstripe/framework@3.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/200782?format=json","purl":"pkg:composer/silverstripe/framework@3.1.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-96f5-5qyr-g7d5"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/52280?format=json","purl":"pkg:composer/silverstripe/framework@3.1.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-4h4a-xgrk-d7ec"},{"vulnerability":"VCID-4n9x-x4kd-jyfu"},{"vulnerability":"VCID-554z-dzgc-2fgz"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8m1h-utem-jud3"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b7xq-cz8w-ubgm"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-h4k6-fruf-uqff"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nu3h-nb1g-67bs"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sfyd-qn7r-eqdg"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-twrb-6j51-aqcy"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-xsgv-a7bd-fqh8"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-yfuu-th6b-nba4"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zca8-91sf-qkb4"},{"vulnerability":"VCID-zckr-zxq4-jyev"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.13"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-011-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wmfv-vtnz-bkad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37938?format=json","vulnerability_id":"VCID-yfuu-th6b-nba4","summary":"Cross-site Scripting\nForm field validation message XSS vulnerability.","references":[{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2015-026/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/ss-2015-026/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52397?format=json","purl":"pkg:composer/silverstripe/framework@3.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-1p79-328x-sueq"},{"vulnerability":"VCID-1uhv-fetz-j7fd"},{"vulnerability":"VCID-36z3-nafq-6kez"},{"vulnerability":"VCID-3x46-q9cb-7ubg"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-7ek4-6y31-1qcs"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9hf4-djcv-67d7"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-at1s-qxsg-5yfs"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-b95v-49p7-fkas"},{"vulnerability":"VCID-c437-w2zy-y7c9"},{"vulnerability":"VCID-c6bz-jwhm-vkgp"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-cqjc-tsv5-7beg"},{"vulnerability":"VCID-ecy2-x3a9-qbbx"},{"vulnerability":"VCID-evh4-xq48-4fa6"},{"vulnerability":"VCID-ewg1-jqza-eyez"},{"vulnerability":"VCID-ggbg-8mtc-hudc"},{"vulnerability":"VCID-gkkp-9fm7-jfaz"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-hcuz-gz3w-97ew"},{"vulnerability":"VCID-heyh-s54f-8qap"},{"vulnerability":"VCID-hnhv-qx7p-wqcw"},{"vulnerability":"VCID-hnme-cqff-c7dp"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-m5rs-qptc-vued"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-n4fk-735u-2baw"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-pkve-yjqy-syc2"},{"vulnerability":"VCID-q939-fszs-wfdp"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-qj5k-bcw3-5fgq"},{"vulnerability":"VCID-qmfy-dxag-uuex"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-rrmd-ud59-ffbp"},{"vulnerability":"VCID-sg62-98yy-2kd7"},{"vulnerability":"VCID-t81f-5b8z-hyht"},{"vulnerability":"VCID-tv7h-289s-xub4"},{"vulnerability":"VCID-umhc-fdfh-1fdx"},{"vulnerability":"VCID-uy47-3s8a-hbdn"},{"vulnerability":"VCID-vatm-1vbd-bfam"},{"vulnerability":"VCID-wgdv-etcq-3qhw"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-z28b-1yrx-1bbn"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/199456?format=json","purl":"pkg:composer/silverstripe/framework@4.12.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sx-j3x7-gkcr"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-5cfa-whq6-9ucp"},{"vulnerability":"VCID-79qx-v5uu-jyf2"},{"vulnerability":"VCID-86vg-4j71-hkgr"},{"vulnerability":"VCID-8u5c-6vx3-mfcr"},{"vulnerability":"VCID-9y5u-qyzd-3ud9"},{"vulnerability":"VCID-a7cf-kpzy-xudd"},{"vulnerability":"VCID-gnpw-s9hp-wqfs"},{"vulnerability":"VCID-k46z-g6jp-57ek"},{"vulnerability":"VCID-ky21-z2d2-sye6"},{"vulnerability":"VCID-zdge-zsmz-8ud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}],"aliases":["SS-2015-026-1"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfuu-th6b-nba4"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.0-rc1"}