3 matches found
CVE-2010-4823
Cross-site scripting XSS vulnerability in the httpError method in sapphire/core/control/RequestHandler.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when custom error handling is not used, allows remote attackers to inject arbitrary web script or HTML via "missing URL actions."...
CVE-2010-4823
The CVE-2010-4823 issue affects SilverStripe: vulnerable in Sapphire framework’s httpError handling, specifically sapphire/core/control/RequestHandler.php. Versions affected are SilverStripe 2.3.x prior to 2.3.10 and 2.4.x prior to 2.4.4, where improper handling of missing URL actions (when custo...
CVE-2010-4823
Cross-site scripting XSS vulnerability in the httpError method in sapphire/core/control/RequestHandler.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when custom error handling is not used, allows remote attackers to inject arbitrary web script or HTML via "missing URL actions."...