code/sitefeatures/PageCommentInterface.php in SilverStripe 2.4.x prior to 2.4.6 might allow remote malicious users to execute arbitrary code via a crafted cookie in a user comment submission, which is not properly handled when it is deserialized.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
silverstripe silverstripe 2.4.3 |
||
silverstripe silverstripe 2.4.0 |
||
silverstripe silverstripe 2.4.1 |
||
silverstripe silverstripe 2.4.4 |
||
silverstripe silverstripe 2.4.2 |
||
silverstripe silverstripe 2.4.5 |