GoogleOSV:GHSA-R9VP-FP72-XGF7silverstripe/framework's `Member.Name` is not escaped
6.9 Medium
AI Score
Confidence
High
The core template framework/templates/Includes/GridField_print.ss uses “Printed by $Member.Name”.
If the currently logged in members first name or surname contain XSS, this prints the raw HTML out, because Member->getName() just returns the raw FirstName + Surname as a string, which is injected directly.
References
github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2016-013-1.yaml
github.com/silverstripe/silverstripe-framework
github.com/silverstripe/silverstripe-framework/commit/281b0de571fe0ae159ac47891c02acf2214fa619
github.com/silverstripe/silverstripe-framework/commit/6817c57f64b9eb2b271b81662cd83b074a3daee4
github.com/silverstripe/silverstripe-framework/commit/83e3302c0425d9b0e4fe42e82e3df03379f4dca5
github.com/silverstripe/silverstripe-framework/commit/8bbf1caae665a07b3e44e8d5d32556a03d38c296
www.silverstripe.org/download/security-releases/ss-2016-013
6.9 Medium
AI Score
Confidence
High