silverstripe/assets Security Advisories for 1.7.0 (3)
-
[MEDIUM] CVE-2022-29858: Unpublished, protected files can be published via shortcode
PKSA-gkm3-w29w-mn8y CVE-2022-29858 GHSA-v68g-62v9-39w5
Affected version: >=1.0.0,<1.10.1
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] CVE-2022-38147 - XSS via uploaded gpx file
PKSA-h12n-xqnh-nnc1 CVE-2022-38147 GHSA-vv3r-fxqp-vr3f
Affected version: >=1.0.0,<1.11.1
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] CVE-2022-38724 - XSS in shortcodes
PKSA-vdrm-g673-qq8n CVE-2022-38724 GHSA-9cx2-hj6m-fv58
Affected version: >=1.0.0,<1.11.1
Reported by:
GitHub, FriendsOfPHP/security-advisories