2 matches found
BIT-SILVERSTRIPE-2020-9311
In SilverStripe through 4.5, malicious users with a valid Silverstripe CMS login usually CMS access can craft profile information which can lead to XSS for other users through specially crafted login form URLs...
CVE-2020-9311
CVE-2020-9311 affects SilverStripe up to version 4.5. Infected by an authenticated user with CMS access, an attacker can craft profile information via specially crafted login form URLs to trigger a cross-site scripting (XSS) condition for other users. The available connected records corroborate t...