Silverstripe silverstripe/framework up to and including 4.11 allows XSS (issue 1 of 2) via JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
silverstripe framework |