silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source)

2024-05-2818:23:17

Google

osv.dev

silverstripe subsites sql injection

8.2 High

AI Score

Confidence

Low

There is a low level potential SQL injection vulnerability in the silverstripe/subsites module has been identified and fixed in version 2.1.1.

CPENameOperatorVersion
silverstripe/subsiteseq2.0.2
silverstripe/subsiteseq2.0.0
silverstripe/subsiteseq2.0.1
silverstripe/subsiteseq2.1.0

Name	Operator	Version
silverstripe/subsites	eq	2.0.2
silverstripe/subsites	eq	2.0.0
silverstripe/subsites	eq	2.0.1
silverstripe/subsites	eq	2.1.0

References

github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/subsites/SS-2018-016-1.yaml

github.com/silverstripe/silverstripe-subsites

github.com/silverstripe/silverstripe-subsites/commit/bf2c81dce62ae9a7623d224fd31a39505260eb57

www.silverstripe.org/download/security-releases/ss-2018-016

8.2 High

AI Score

Confidence

Low