CVE-2021-27938

2021-03-16T16:15:00
ID CVE-2021-27938
Type cve
Reporter cve@mitre.org
Modified 2021-03-22T17:36:00

Description

A vulnerability has been identified in the Silverstripe CMS 3 and 4 version of the symbiote/silverstripe-queuedjobs module. A Cross Site Scripting vulnerability allows an attacker to inject an arbitrary payload in the CreateQueuedJobTask dev task via a specially crafted URL.