In SilverStripe up to and including 4.5, malicious users with a valid Silverstripe CMS login (usually CMS access) can craft profile information which can lead to XSS for other users through specially crafted login form URLs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
silverstripe silverstripe |