6 matches found
CVE-2023-49783
Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don't have edit or delete permissions for records exposed in a ModelAdmin can still edit or delete records using...
EUVD-2024-0373
Malicious code in bioql PyPI...
CVE-2023-49783 No permission checks for editing/deleting records with CSV import form
Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don't have edit or delete permissions for records exposed in a ModelAdmin can still edit or delete records using...
CVE-2023-49783 No permission checks for editing/deleting records with CSV import form
Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don't have edit or delete permissions for records exposed in a ModelAdmin can still edit or delete records using...
PT-2024-13800 · Silverstripe · Silverstripe/Admin
Name of the Vulnerable Software and Affected Versions: Silverstripe Admin versions 1.x prior to 1.13.19 Silverstripe Admin versions 2.x prior to 2.1.8 Description: The issue allows users who don't have edit or delete permissions for records exposed in a ModelAdmin to still edit or delete records...
SilverStripe Admin Security Vulnerability
SilverStripe is New Zealand SilverStripe company's set of open source programming framework and content management system CMS. The system has support for multiple languages , cross-platform and other features . A security vulnerability exists in Silverstripe Admin version 1.x prior to 1.13.19 and...