Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
silverstripe vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-42949
Silverstripe silverstripe/subsites up to and including 2.6.0 has Insecure Permissions.
Silverstripe Subsites
NA
CVE-2023-49783
Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch before 1.13.19 and on the 2.x branch before 2.1.8, users who don't have edit or delete permissions for records exposed in a `ModelAdmin` can still edit or d...
Silverstripe Admin
NA
CVE-2022-38147
Silverstripe silverstripe/framework up to and including 4.11 allows XSS (issue 3 of 3).
Silverstripe Framework
NA
CVE-2023-22728
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they ...
Silverstripe Framework
NA
CVE-2023-22729
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a speciall...
Silverstripe Framework
312
VMScore
CVE-2022-25238
Silverstripe silverstripe/framework up to and including 4.10.0 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitise_server_side contig is not set to true in project ...
Silverstripe Framework
NA
CVE-2022-37429
Silverstripe silverstripe/framework up to and including 4.11 allows XSS (issue 1 of 2) via JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters.
Silverstripe Framework
NA
CVE-2022-37430
Silverstripe silverstripe/framework up to and including 4.11 allows XSS vulnerability via href attribute of a link (issue 2 of 2).
Silverstripe Framework
NA
CVE-2022-38462
Silverstripe silverstripe/framework up to and including 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request.
Silverstripe Framework
NA
CVE-2023-48714
Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocomplete...
Silverstripe Framework
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »