silverstripe/cms Security Advisories for 3.5.2-rc1 (5)
-
[HIGH] Silverstripe CMS malicious file upload enables script execution
PKSA-znsz-m7d7-h56t CVE-2020-9309 GHSA-h77w-655f-6j3m
Affected version: <=4.5.0
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS XSS Vulnerability
PKSA-ccyg-wwy5-yyd3 CVE-2020-9311 GHSA-2pw2-qpcp-m47x
Affected version: <=4.5.0
Reported by:
GitHub -
[HIGH] Silverstripe CMS information disclosure
PKSA-56d7-q47d-h34q CVE-2020-6164 GHSA-gm5x-hpmw-xpxg
Affected version: <=4.5.0
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS XSS Vulnerability
PKSA-5p8s-br5x-fync CVE-2017-14498 GHSA-j696-6m57-mcrv
Affected version: <3.6.1
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS User Enumeration
PKSA-8wfk-kpg2-nsf4 CVE-2017-12849 GHSA-fwhr-g5r4-xgxf
Affected version: >=3.6,<3.6.1|<3.5.5
Reported by:
GitHub