CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

OSV•added 2024/05/27 7:44 p.m.•5 views

GHSA-R85G-7JPV-8XRX silverstripe/framework has Cross-site Scripting vulnerability in CMSSecurity BackURL

In follow up to SS-2016-001 there is yet a minor unresolved fix to incorrectly encoded URL...

6.1CVSS7AI score

Exploits0References4

Github Security Blog•added 2024/05/27 7:44 p.m.•9 views

silverstripe/framework has Cross-site Scripting vulnerability in CMSSecurity BackURL

In follow up to SS-2016-001 there is yet a minor unresolved fix to incorrectly encoded URL...

7AI score

Exploits0References4Affected Software1

Github Security Blog•added 2023/04/26 7:46 p.m.•25 views

Open redirect vulnerability on CMSSecurity relogin screen

An attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Upgrade to silverstripe/framework 4.12.5 or above to remedy the vulnerability. Reporter: Matthew Dekker...

6.1CVSS6AI score0.00203EPSS

Exploits0References6Affected Software1

OSV•added 2023/04/26 7:46 p.m.•19 views

GHSA-FW84-XGM8-9JMV Open redirect vulnerability on CMSSecurity relogin screen

6.1CVSS5.7AI score0.00203EPSS

Exploits0References6

Cvelist•added 2023/04/26 2:0 p.m.•16 views

CVE-2023-22729 Silverstripe Framework has open redirect vulnerability on CMSSecurity relogin screen

Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link...

5.4CVSS6.4AI score0.00203EPSS

Exploits0References2