Silverstripe/framework through 4.11 is vulnerable to XSS by crafting a return URL on /dev/build or /Security/login request
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
![]() | SilverStripe Cross-Site Scripting Vulnerability | 24 Nov 202200:00 | – | cnvd |
![]() | Reflected XSS in querystring parameters | 21 Nov 202223:59 | – | github |
![]() | Reflected XSS in querystring parameters | 21 Nov 202223:59 | – | osv |
![]() | CVE-2022-38462 | 22 Nov 202213:15 | – | osv |
![]() | Design/Logic Flaw | 22 Nov 202213:15 | – | prion |
![]() | CVE-2022-38462 | 22 Nov 202200:00 | – | cvelist |
![]() | CVE-2022-38462 - Reflected XSS in querystring parameters | 21 Nov 202100:00 | – | friendsofphp |
![]() | CVE-2022-38462 | 22 Nov 202213:15 | – | nvd |
Source | Link |
---|---|
forum | www.forum.silverstripe.org/c/releases |
silverstripe | www.silverstripe.org/download/security-releases/ |
silverstripe | www.silverstripe.org/blog/tag/release |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo