4 matches found
CVE-2022-29858
Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content...
CVE-2022-29858
The CVE-2022-29858 entry concerns Silverstripe’s assets module up to version 1.10, where improper access control allows publishing protected images by modifying an existing image shortcode in page content. Publicly available connected documents confirm the vulnerable component (silverstripe/asset...
CVE-2022-29858
Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content...
CVE-2022-29858: Unpublished, protected files can be published via shortcode
More info at https://www.silverstripe.org/download/security-releases/cve-2022-29858...