3 matches found
GHSA-V358-RVXR-WFFX Silverstripe XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via 1. a crafted string to the AbsoluteLinks 1. BigSummary 1. ContextSummary 1. EscapeXML 1. FirstParagraph 1. FirstSentence 1...
CVE-2012-0976
Cross-site scripting XSS vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained from third party information...
CVE-2012-0976
The provided documents confirm CVE-2012-0976 affects SilverStripe 2.4.6, where an XSS vulnerability exists in admin/EditForm; remote authenticated users with Content Authors privileges can inject arbitrary script/HTML via the Title parameter. The description notes these details originate from thi...