Security Advisories - silverstripe/cms

silverstripe/cms Security Advisories (14)

[HIGH] Silverstripe CMS malicious file upload enables script execution

PKSA-znsz-m7d7-h56t CVE-2020-9309 GHSA-h77w-655f-6j3m

Affected version: <=4.5.0

Reported by:
GitHub
[MEDIUM] Silverstripe CMS XSS Vulnerability

PKSA-ccyg-wwy5-yyd3 CVE-2020-9311 GHSA-2pw2-qpcp-m47x

Affected version: <=4.5.0

Reported by:
GitHub
[HIGH] Silverstripe CMS information disclosure

PKSA-56d7-q47d-h34q CVE-2020-6164 GHSA-gm5x-hpmw-xpxg

Affected version: <=4.5.0

Reported by:
GitHub
[MEDIUM] Silverstripe CMS Arbitrary Code Execution

PKSA-jq4c-j65c-3sqg CVE-2011-4962 GHSA-gv6c-59h4-9pmg

Affected version: >=2.4.0,<2.4.6

Reported by:
GitHub
[MEDIUM] Silverstripe CMS XSS Vulnerability

PKSA-5p8s-br5x-fync CVE-2017-14498 GHSA-j696-6m57-mcrv

Affected version: <3.6.1

Reported by:
GitHub
[MEDIUM] Silverstripe CMS User Enumeration

PKSA-8wfk-kpg2-nsf4 CVE-2017-12849 GHSA-fwhr-g5r4-xgxf

Affected version: >=3.6,<3.6.1|<3.5.5

Reported by:
GitHub
[MEDIUM] Silverstripe CMS Open Redirect

PKSA-d4nc-b285-bshc CVE-2015-5062 GHSA-fh35-p8ph-p545

Affected version: <=3.1.13

Reported by:
GitHub
[MEDIUM] Silverstripe CMS XSS Vulnerability

PKSA-k3cw-5yj1-rnwr CVE-2017-5197 GHSA-xmjh-wjc5-wg4h

Affected version: >=3.5.0,<3.5.2|<3.4.4

Reported by:
GitHub
[MEDIUM] Silverstripe CMS XSS Vulnerability

PKSA-53v5-xxz5-2hk4 CVE-2015-8606 GHSA-gvc8-xjfp-6569

Affected version: =3.2.0|<=3.1.15

Reported by:
GitHub
[MEDIUM] CVE-2022-37421 - Stored XSS in custom meta tags

PKSA-vfdf-hjn1-7mdt CVE-2022-37421 GHSA-pp74-g2q5-j4jf

Affected version: >=4.0.0,<4.11.3

Reported by:
GitHub, FriendsOfPHP/security-advisories
[CRITICAL] Missing warning can lead to unauthenticated admin access in SilverStripe

PKSA-7mbq-dxf7-1z4d CVE-2019-12204 GHSA-cg8j-8w52-735v

Affected version: >=4.4.0,<4.4.4

Reported by:
GitHub
[MEDIUM] SS-2015-008: SiteTree Creation Permission Vulnerability

PKSA-tbcz-9q2k-1r4f GHSA-6hh6-59j2-qrxw

Affected version: >=3.0.0,<=3.0.11|>=3.1.0,<3.1.11

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] SS-2015-003: History XSS Vulnerability

PKSA-d3xv-chbr-ng6f GHSA-r97r-64vp-fghm

Affected version: >=3.1.0,<=3.1.9

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] SS-2015-005: VirtualPage XSS

PKSA-pvwk-bm9n-rprc GHSA-3mm9-2p44-rw39

Affected version: >=3.1.0,<=3.1.9

Reported by:
GitHub, FriendsOfPHP/security-advisories

silverstripe/cms Security Advisories (14)

[HIGH] Silverstripe CMS malicious file upload enables script execution

[MEDIUM] Silverstripe CMS XSS Vulnerability

[HIGH] Silverstripe CMS information disclosure

[MEDIUM] Silverstripe CMS Arbitrary Code Execution

[MEDIUM] Silverstripe CMS XSS Vulnerability

[MEDIUM] Silverstripe CMS User Enumeration

[MEDIUM] Silverstripe CMS Open Redirect

[MEDIUM] Silverstripe CMS XSS Vulnerability

[MEDIUM] Silverstripe CMS XSS Vulnerability

[MEDIUM] CVE-2022-37421 - Stored XSS in custom meta tags

[CRITICAL] Missing warning can lead to unauthenticated admin access in SilverStripe

[MEDIUM] SS-2015-008: SiteTree Creation Permission Vulnerability

[MEDIUM] SS-2015-003: History XSS Vulnerability

[HIGH] SS-2015-005: VirtualPage XSS