Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework prior to 3.1.16 and 3.2.x prior to 3.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Locale or (2) FailedLoginCount parameter to admin/security/EditForm/field/Members/item/new/ItemEditForm.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
silverstripe silverstripe |
||
silverstripe silverstripe 3.2.0 |