Silverstripe CMS vulnerabilities
12 known vulnerabilities affecting silverstripe/cms.
Total CVEs: 12
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2, MEDIUM 8, LOW 1
Vulnerabilities

CVE-2022-37421 [MEDIUM] CWE-79: Silverstripe CMS Stored XSS in custom meta tags
Affected: ≥ 4.0.0, < 4.11.3 | Date: 2022-11-21
A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut.
This requires CMS access to exploit.

CVE-2020-6164 [HIGH] CWE-200: Silverstripe CMS information disclosure
Affected: ≥ 0, ≤ 4.5.0 | Date: 2022-05-24
In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe application. There is no disclosure of the specific version. The functionality on this URL path is limited to execution in a CLI context, and is not known to present a vulnerability through web-based ac

CVE-2020-9309 [HIGH] CWE-434: Silverstripe CMS malicious file upload enables script execution
Affected: ≥ 0, ≤ 4.5.0 | Date: 2022-05-24
Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Uploads stored as protected or draft files are al

CVE-2020-9311 [MEDIUM] CWE-79: Silverstripe CMS XSS Vulnerability
Affected: ≥ 0, ≤ 4.5.0 | Date: 2022-05-24
In SilverStripe through 4.5, malicious users with a valid Silverstripe CMS login (usually CMS access) can craft profile information which can lead to XSS for other users through specially crafted login form URLs.

CVE-2017-14498 [MEDIUM] CWE-79: Silverstripe CMS XSS Vulnerability
Affected: ≥ 0, < 3.6.1 | Date: 2022-05-17
SilverStripe CMS before 3.6.1 has XSS via an SVG document that is mishandled by (1) the Insert Media option in the content editor or (2) an admin/assets/add pathname, as demonstrated by the admin/pages/edit/EditorToolbar/MediaForm/field/AssetUploadField/upload URI, aka issue SS-2017-017.

CVE-2017-12849 [MEDIUM] CWE-200: Silverstripe CMS User Enumeration
Affected: ≥ 0, < 3.5.5; ≥ 3.6, < 3.6.1 | Date: 2022-05-17
Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks.

CVE-2011-4962 [MEDIUM] CWE-20: Silverstripe CMS Arbitrary Code Execution
Affected: ≥ 2.4.0, < 2.4.6 | Date: 2022-05-17
`code/sitefeatures/PageCommentInterface.php` in SilverStripe 2.4.x before 2.4.6 might allow remote attackers to execute arbitrary code via a crafted cookie in a user comment submission, which is not properly handled when it is deserialized.

CVE-2017-5197 [MEDIUM] CWE-79: Silverstripe CMS XSS Vulnerability
Affected: ≥ 0, < 3.4.4; ≥ 3.5.0, < 3.5.2 | Date: 2022-05-14
There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. The attack vector is a page name. An example payload is a crafted JavaScript event handler within a malformed SVG element.

CVE-2015-5062 [MEDIUM] CWE-601: Silverstripe CMS Open Redirect
Affected: ≥ 0, ≤ 3.1.13 | Date: 2022-05-14
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build.

CVE-2010-1593 [LOW] CWE-79: SilverStripe vulnerable to Cross-site Scripting
Affected: ≥ 0, < 2.3.5 | Date: 2022-05-14
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, and in the Forum module before 0.2.5 in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (2) the Search parameter to forums/search (aka

CVE-2015-8606 [MEDIUM] CWE-79: Silverstripe CMS XSS Vulnerability
Affected: ≥ 0, < 3.1.16; ≥ 3.2.0, < 3.2.1 | Date: 2022-05-13
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework before 3.1.16 and 3.2.0 before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Locale or (2) FailedLoginCount parameter to `admin/security/EditForm/field/Members/item/new/ItemEditForm`.

CVE-2019-12204 [CRITICAL] Missing warning can lead to unauthenticated admin access in SilverStripe
Affected: ≥ 4.4.0, < 4.4.4 | Date: 2019-11-12
In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.