4 matches found
Improper Authorization
silverstripe/cms is vulnerable to Improper Authorization. The vulnerability is due to insufficient permission checks during SiteTree object creation, allowing unauthorized users to create new SiteTree objects...
Silverstripe SiteTree Creation Permission Vulnerability
A vulnerability exists in the permission validation for SiteTree object creation. By default user permissions are not validated by the SiteTree::canCreate method, unless overridden by user code or via the configuration system. This vulnerability will allow users, or unauthenticated guests, to...
GHSA-3MM9-2P44-RW39 Silverstripe SiteTree Creation Permission Vulnerability
A vulnerability exists in the permission validation for SiteTree object creation. By default user permissions are not validated by the SiteTree::canCreate method, unless overridden by user code or via the configuration system. This vulnerability will allow users, or unauthenticated guests, to...
SS-2015-008: SiteTree Creation Permission Vulnerability
More info at https://www.silverstripe.org/software/download/security-releases/ss-2015-008-sitetree-creation-permission-vulnerability/...