Lucene search

K
osvGoogleOSV:GHSA-779C-7W4P-2C4G
HistoryMay 22, 2024 - 6:18 p.m.

Silverstripe admin XSS Vulnerability via WYSIWYG editor

2024-05-2218:18:18
Google
osv.dev
3
silverstripe
admin
xss
vulnerability
wysiwyg
editor
malicious
javascript
cms

7.1 High

AI Score

Confidence

Low

It is possible for a bad actor with access to the CMS to make use of onmouseover or onmouseout attributes in the WYSIWYG editor to embed malicious javascript.

7.1 High

AI Score

Confidence

Low