Lucene search
PRIOn knowledge basePRION:CVE-2020-9280HistoryApr 15, 2020 - 9:15 p.m.
Default credentials
2020-04-1521:15:00
PRIOn knowledge base
www.prio-n.com
4
In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default “/Uploads” folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x.
| CPE | Name | Operator | Version |
|---|---|---|---|
| silverstripe | ge | 4.0.0 | |
| silverstripe | le | 4.5.0 |
Related
osv
osv
SilverStripe Folders migrated from 3.x may be unsafe to upload to
2022-05-24 17:15:19
CVE-2020-9280
2020-04-15 21:15:36
BIT-silverstripe-2020-9280
2024-03-06 11:06:02
nvd
nvd
CVE-2020-9280
2020-04-15 21:15:36
github
github
SilverStripe Folders migrated from 3.x may be unsafe to upload to
2022-05-24 17:15:19
friendsofphp
friendsofphp
CVE-2020-9280: Folders migrated from 3.x may be unsafe to upload to
2019-09-24 13:49:59
cvelist
cvelist
CVE-2020-9280
2020-04-15 20:18:14
cve
cve
CVE-2020-9280
2020-04-15 21:15:36