Silverstripe Framework vulnerabilities
41 known vulnerabilities affecting silverstripe/framework.
Total CVEs
41
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM32LOW4
Vulnerabilities
Page 2 of 3
CVE-2022-38147P4MEDIUMCVSS 5.4≥ 1.0.0, < 1.11.12022-11-23
CVE-2022-38147 [MEDIUM] CWE-79 CVE-2022-38147: Silverstripe silverstripe/framework through 4.11 allows XSS (issue 3 of 3).
Silverstripe silverstripe/framework through 4.11 allows XSS (issue 3 of 3).
nvd
CVE-2022-38145P4MEDIUMCVSS 5.4≥ 1.0.0, < 1.11.12022-11-23
CVE-2022-38145 [MEDIUM] CWE-79 CVE-2022-38145: Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 3) via remote attackers addi
Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 3) via remote attackers adding a Javascript payload to a page's meta description and get it executed in the versioned history compare view.
nvd
CVE-2022-37429P4MEDIUMCVSS 5.4≥ 3.0.0, < 4.11.132022-11-23
CVE-2022-37429 [MEDIUM] CWE-79 CVE-2022-37429: Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 2) via JavaScript payload to
Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 2) via JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters.
ghsanvdosv
CVE-2020-26138P4MEDIUM≥ 3.0.0, < 4.7.42022-03-26
CVE-2020-26138 [MEDIUM] CWE-20 FormField with square brackets in field name skips validation
FormField with square brackets in field name skips validation
FileField with array notation skips validation
The FileField class is commonly used for file upload in custom code on a Silverstripe website. This field is designed to be used with a single file upload.
PHP allows for submitting multiple values by adding square brackets to the field name. When this is done to a FileField, it will be coerced
ghsaosv
CVE-2019-14272P4MEDIUM≥ 4.0.0, < 4.3.5≥ 4.4.0, < 4.4.42022-05-24
CVE-2019-14272 [MEDIUM] CWE-79 SilverStripe asset-admin Cross-site Scripting (XSS)
SilverStripe asset-admin Cross-site Scripting (XSS)
In SilverStripe asset-admin 4.0, there is XSS in file titles managed through the CMS.
ghsaosv
CVE-2020-9311P4MEDIUM≥ 3.0.0, < 3.7.52022-05-24
CVE-2020-9311 [MEDIUM] CWE-79 Silverstripe CMS XSS Vulnerability
Silverstripe CMS XSS Vulnerability
In SilverStripe through 4.5, malicious users with a valid Silverstripe CMS login (usually CMS access) can craft profile information which can lead to XSS for other users through specially crafted login form URLs.
ghsaosv
CVE-2022-28803P4MEDIUM≥ 4.0.0, < 4.10.92022-06-29
CVE-2022-28803 [MEDIUM] CWE-79 Stored XSS in link tags added via XHR in SilverStripe Framework
Stored XSS in link tags added via XHR in SilverStripe Framework
SilverStripe Framework 4.x prior to 4.10.9 is vulnerable to cross-site scripting inside the href attribute of an HTML hyperlink, which can be added to website content via XMLHttpRequest (XHR) by an authenticated CMS user.
ghsaosv
CVE-2020-25817P4MEDIUMCVSS 4.8≥ 4.0.0, < 4.7.42022-05-24
CVE-2020-25817 [MEDIUM] CWE-611 SilverStripe XXE Vulnerability in CSSContentParser
SilverStripe XXE Vulnerability in CSSContentParser
SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External Entity (XXE) attacks. When this developer utility is misused for purposes involving external or user submitted data in custom project code, it can lead to vulnerabilities such as XSS on HTML ou
ghsaosv
CVE-2019-19325P4MEDIUM≥ 4.5.0, < 4.5.2≥ 4.0.0, < 4.4.52020-02-24
CVE-2019-19325 [MEDIUM] CWE-78 Reflected XSS in SilverStripe
Reflected XSS in SilverStripe
SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting) on some forms built with user input (Request data). This can lead to phishing attempts to obtain a user's credentials or other
ghsaosv
CVE-2023-22728P4MEDIUMCVSS 4.3fixed in 4.12.52023-04-26
CVE-2023-22728 [MEDIUM] CWE-862 CVE-2023-22728: Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content m
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Fram
ghsanvdosv
CVE-2023-48714P4MEDIUMCVSS 4.3fixed in 4.13.39≥ 5.0.0, < 5.1.112024-01-23
CVE-2023-48714 [MEDIUM] CWE-200 CVE-2023-48714: Silverstripe Framework is the framework that forms the base of the Silverstripe content management s
Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions
ghsanvdosv
CVE-2012-4968P4LOWCVSS 2.1≥ 2.3, < 2.3.13≥ 2.4, < 2.4.72022-05-17
CVE-2012-4968 [LOW] CWE-79 Silverstripe XSS Vulnerabilities
Silverstripe XSS Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via
1. a crafted string to the `AbsoluteLinks`
1. `BigSummary`
1. `ContextSummary`
1. `EscapeXML`
1. `FirstParagraph`
1. `FirstSentence`
1. `Initial`
1. `LimitCharacters`
1. `LimitSentences`
1. `LimitWordCount`
1. `LimitWordCountXML`
ghsaosv
CVE-2019-12205P4MEDIUM≥ 3.0.0, < 4.3.5≥ 4.4.0-rc1, < 4.4.42022-05-24
CVE-2019-12205 [MEDIUM] CWE-79 Silverstripe Flash Clipboard Reflected XSS
Silverstripe Flash Clipboard Reflected XSS
SilverStripe versions 3.0.0 until 4.3.5 and 4.4.4 are vulnerable to Flash Clipboard Reflected XSS. Versions 4.3.5 and 4.4.4 of `silverstripe/framework` and version 1.3.5 of `silverstripe/admin` contain a fix for this issue.
ghsaosv
CVE-2019-12203P4MEDIUM≥ 3.7.0, < 3.7.4≥ 4.4.0, < 4.4.4+2 more2019-11-12
CVE-2019-12203 [MEDIUM] CWE-384 Session fixation in change password form
Session fixation in change password form
SilverStripe through 4.3.3 allows session fixation in the "change password" form.
ghsaosv
CVE-2015-5062P4MEDIUM≥ 0, ≤ 3.1.132022-05-14
CVE-2015-5062 [MEDIUM] CWE-601 Silverstripe CMS Open Redirect
Silverstripe CMS Open Redirect
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build.
ghsaosv
CVE-2017-18049P4MEDIUM≥ 0, < 3.5.6≥ 3.6.0, < 3.6.3+1 more2022-05-14
CVE-2017-18049 [MEDIUM] CWE-74 SilverStripe CSV Excel Macro Injection
SilverStripe CSV Excel Macro Injection
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (including Microsoft Excel). For example, the CSV data may contain untrusted user input from the "First Name" field of a user's /myprofile page.
ghsaosv
CVE-2010-1593P4LOW≥ 0, < 2.3.52022-05-14
CVE-2010-1593 [LOW] CWE-79 SilverStripe vulnerable to Cross-site Scripting
SilverStripe vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, and in the Forum module before 0.2.5 in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (2) the Search parameter to forums/search (aka
ghsaosv
CVE-2019-12246P4MEDIUM≥ 4.0.0, < 4.4.0≥ 0, ≤ 3.62022-05-24
CVE-2019-12246 [MEDIUM] CWE-352 SilverStripe Denial of Service on flush and development URL tools
SilverStripe Denial of Service on flush and development URL tools
SilverStripe before 4.4.0 allows a Denial of Service on flush and development URL tools.
ghsaosv
CVE-2019-12617P4LOW≥ 4.4.0, < 4.4.4≥ 4.3.0, < 4.3.52019-11-12
CVE-2019-12617 [LOW] SilverStripe Priviledge escalation through cache pollution
SilverStripe Priviledge escalation through cache pollution
In SilverStripe through 4.3.3, there is access escalation for CMS users with limited access through permission cache pollution.
ghsaosv
CVE-2023-32302LOW≥ 3.0.0, < 4.13.14≥ 5.0.0, < 5.0.132023-07-31
CVE-2023-32302 [LOW] CWE-20 Silverstripe Framework: Members with no password can be created and bypass custom login forms
Silverstripe Framework: Members with no password can be created and bypass custom login forms
When a new `Member` record was created in the cms it was possible to set a blank password. If an attacker knows the email address of the user with the blank password then they can attempt to log in using an empty password. The default member authenticator, login form and basic auth
ghsaosv