7 matches found
GHSA-FH35-P8PH-P545 Silverstripe CMS Open Redirect
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build...
CVE-2015-5063
Multiple cross-site scripting XSS vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the 1 adminusername or 2 adminpassword parameter to install.php...
CVE-2015-5062
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the 1 adminusername or 2 adminpassword parameter to install.php...
Open redirect
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build...
CVE-2015-5063
Multiple cross-site scripting XSS vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the 1 adminusername or 2 adminpassword parameter to install.php...
CVE-2015-5062
Affected software: SilverStripe CMS & Framework (version 3.1.13, with references noting a fix in 3.1.14). Vulnerability type & root cause: Open redirect via the unvalidated returnURL parameter on the dev/build URL, enabling redirects to arbitrary sites and potential phishing. Impact (as described...