2 matches found
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper input validation of HTML content, which allows authenticated users with page edit permission to perform XSS...
PT-2024-40233 · Packagist · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: An authenticated user with page edit permission can craft HTML that, when rendered in a page history comparison, can execute client scripts. Recommendations: At the moment, there is no...