Several vulnerabilities were discovered in SilverStripe Limited ‘Silver Stripe CMS’ software:
Incorrect User Input Filtration when Connecting to External Files
File System Path Manipulation
Using Global Variables
Incorrect User Input Filtration when Using the unserialize Function
Incorrect Newline Symbol Filtration in HTTP-response Headers
Hardcoded Credentials
Using Insufficiently Random Generators in Cryptography
Incorrect Permissions for External Entities During XML Document Processing
Incorrect User Input Filtration when Generating Code on the Fly
Using Obsolete jQuery Methods
Using Insufficiently Random Generators in Cryptography
CPE | Name | Operator | Version |
---|---|---|---|
silver stripe cms | le | 3.4.1 |