CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2025/05/23 4:42 a.m.•5 views

CVE-2023-48714

Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a GridField using the GridFieldAddExistingAutocompleter component, the...

4.3CVSS6.7AI score0.00226EPSS

Exploits0

Prion•added 2024/01/23 2:15 p.m.•20 views

Information disclosure

4CVSS6.9AI score0.00226EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/01/23 1:49 p.m.•2 views

CVE-2023-48714 Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter

4.3CVSS7AI score0.00226EPSS

Exploits0References2

CVE•added 2024/01/23 1:49 p.m.•41 views

CVE-2023-48714

Summary: CVE-2023-48714 affects the Silverstripe Framework. Prior to versions 4.13.39 and 5.1.11, a user who should not see a record could access the record’s title when the record is added to a GridField via GridFieldAddExistingAutocompleter. Impact: potential information disclosure of restricte...

4.3CVSS4.3AI score0.00226EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/01/23 1:49 p.m.•18 views

CVE-2023-48714 Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter

4.3CVSS4.7AI score0.00226EPSS

Exploits0References2

Github Security Blog•added 2024/01/23 12:49 p.m.•16 views

Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter

Impact If a user should not be able to see a record, but that record can be added to a GridField using the GridFieldAddExistingAutocompleter component, the record's title can be accessed by that user. Base CVSS: 4.3 Reported by: Nick K - LittleMonkey, littlemonkey.co.nz References -...

4.3CVSS4.5AI score0.00226EPSS

Exploits0References5Affected Software1