2 matches found
CVE-2015-5062
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build...
CVE-2015-5062
Affected software: SilverStripe CMS & Framework (version 3.1.13, with references noting a fix in 3.1.14). Vulnerability type & root cause: Open redirect via the unvalidated returnURL parameter on the dev/build URL, enabling redirects to arbitrary sites and potential phishing. Impact (as described...