CVE-2019-19326HTTP Request Smuggling in Silverstripe

CWE-444HTTP Request Smuggling3 documents3 sources
Severity
5.9MEDIUMNVD
EPSS
0.2%
top 56.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SilverstripeSilverstripe Framework
Timeline
PublishedJul 15
Latest updateMay 24

Description

Silverstripe CMS sites through 4.4.4 which have opted into HTTP Cache Headers on responses served by the framework's HTTP layer can be vulnerable to web cache poisoning. Through modifying the X-Original-Url and X-HTTP-Method-Override headers, responses with malicious HTTP headers can return unexpected responses to other consumers of this cached response. Most other headers associated with web cache poisoning are already disabled through request hostname forgery whitelists.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

Packagistsilverstripe/framework4.0.04.4.7+2
NVDsilverstripe/silverstripe3.0.03.7.5+2

🔴Vulnerability Details

2
GHSA
SilverStripe Web Cache Poisoning through HTTPRequestBuilder2022-05-24
OSV
SilverStripe Web Cache Poisoning through HTTPRequestBuilder2022-05-24