Silverstripe History XSS Vulnerability

2024-05-2218:25:16

Google

osv.dev

silverstripe

cms

cross-site scripting

vulnerability

html

text fields

page history

6.3 Medium

AI Score

Confidence

High

JSON

A cross-site scripting vulnerability has been discovered in the CMS page history tab.

This vulnerability can only be exploited if a user with CMS access has posted malicious or unescaped HTML into any of the text fields on a page, and if the “compare mode” option is selected. The HTML will be embedded into the page unescaped.

This has been resolved by performing the text comparison in a HTML friendly way.

CPENameOperatorVersion
silverstripe/cmseq3.1.1
silverstripe/cmseq3.1.4
silverstripe/cmseq3.1.7-rc1
silverstripe/cmseq3.1.0
silverstripe/cmseq3.1.6-rc2
silverstripe/cmseq3.1.9-rc1
silverstripe/cmseq3.1.7
silverstripe/cmseq3.1.6-rc3
silverstripe/cmseq3.1.6-rc1
silverstripe/cmseq3.1.9

Name	Operator	Version
silverstripe/cms	eq	3.1.1
silverstripe/cms	eq	3.1.4
silverstripe/cms	eq	3.1.7-rc1
silverstripe/cms	eq	3.1.0
silverstripe/cms	eq	3.1.6-rc2
silverstripe/cms	eq	3.1.9-rc1
silverstripe/cms	eq	3.1.7
silverstripe/cms	eq	3.1.6-rc3
silverstripe/cms	eq	3.1.6-rc1
silverstripe/cms	eq	3.1.9

Rows per page:

1-10 of 221

References

github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/SS-2015-003-1.yaml

github.com/silverstripe/silverstripe-cms

www.silverstripe.org/software/download/security-releases/ss-2015-003

6.3 Medium

AI Score

Confidence

High

JSON