Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
silverstripe framework vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38724
Silverstripe silverstripe/framework up to and including 4.11.0, silverstripe/assets up to and including 1.11.0, and silverstripe/asset-admin up to and including 1.11.0 allow XSS.
Silverstripe Asset Admin
Silverstripe Assets
Silverstripe Framework
NA
CVE-2022-38145
Silverstripe silverstripe/framework up to and including 4.11 allows XSS (issue 1 of 3) via remote attackers adding a Javascript payload to a page's meta description and get it executed in the versioned history compare view.
Silverstripe Framework
3.5
CVSSv2
CVE-2022-25238
Silverstripe silverstripe/framework up to and including 4.10.0 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitise_server_side contig is not set to true in project ...
Silverstripe Framework
NA
CVE-2022-38462
Silverstripe silverstripe/framework up to and including 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request.
Silverstripe Framework
NA
CVE-2023-22728
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they ...
Silverstripe Framework
NA
CVE-2023-22729
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a speciall...
Silverstripe Framework
NA
CVE-2022-37429
Silverstripe silverstripe/framework up to and including 4.11 allows XSS (issue 1 of 2) via JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters.
Silverstripe Framework
NA
CVE-2022-37430
Silverstripe silverstripe/framework up to and including 4.11 allows XSS vulnerability via href attribute of a link (issue 2 of 2).
Silverstripe Framework
NA
CVE-2023-48714
Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocomplete...
Silverstripe Framework
NA
CVE-2022-38146
Silverstripe silverstripe/framework up to and including 4.11 allows XSS (issue 2 of 3).
Silverstripe Framework
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »