Silverstripe XSS in dev/build returnURL Parameter

2024-05-2317:15:09

Google

osv.dev

xss

returnurl parameter

dev/build

security risk

unvalidated url

third party url

framework 3.1.14

software

6 Medium

AI Score

Confidence

High

JSON

A XSS risk exists in the returnURL parameter passed to dev/build. An unvalidated url could cause the user to redirect to an unverified third party url outside of the site.

This issue is resolved in framework 3.1.14 stable release.

CPENameOperatorVersion
silverstripe/frameworkeq3.1.10-rc1
silverstripe/frameworkeq3.0.3-rc1
silverstripe/frameworkeq3.1.2-rc1
silverstripe/frameworkeq3.0.6-rc2
silverstripe/frameworkeq3.1.3
silverstripe/frameworkeq2.4.11
silverstripe/frameworkeq2.4.13
silverstripe/frameworkeq3.1.2
silverstripe/frameworkeq3.1.3-rc1
silverstripe/frameworkeq3.1.5

Name	Operator	Version
silverstripe/framework	eq	3.1.10-rc1
silverstripe/framework	eq	3.0.3-rc1
silverstripe/framework	eq	3.1.2-rc1
silverstripe/framework	eq	3.0.6-rc2
silverstripe/framework	eq	3.1.3
silverstripe/framework	eq	2.4.11
silverstripe/framework	eq	2.4.13
silverstripe/framework	eq	3.1.2
silverstripe/framework	eq	3.1.3-rc1
silverstripe/framework	eq	3.1.5

Rows per page:

1-10 of 621

References

github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2015-015-1.yaml

github.com/silverstripe/silverstripe-framework

github.com/silverstripe/silverstripe-framework/commit/751d77386c3c6e354b521fa61ff142f95895cca8

www.silverstripe.org/software/download/security-releases/ss-2015-015

6 Medium

AI Score

Confidence

High

JSON