All versions of SilverStripe 3 before 3.6.7 and 3.7.3, and all versions of SilverStripe 4 before 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
silverstripe silverstripe 4.3.0 |
||
silverstripe silverstripe |