6 matches found
URL Injection
silverstripe/framework is vulnerable to a URL Injection vulnerability. The vulnerability is due to improper encoding of entities in the URL string, specifically in requests coming from Internet Explorer, which allows malicious JavaScript code to be directly inserted into the output content by...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to inadequate sanitisation of the rewriteHashlinks option in SSViewer, allowing an attacker to inject HTML through the querystring...
GHSA-34Q6-XQXH-GQ39 Silverstripe XSS In rewritten hash links
A high level XSS vulnerability has been discovered in the SilverStripe framework which causes links containing hash anchors (e.g. href="anchor") to be rewritten in an unsafe way. The rewriteHashlinks option on SSViewer will rewrite these to contain the current URL, although without adequate escapin...
GHSA-5F5V-5C3V-GW5V Silverstripe IE requests not properly behaving with rewritehashlinks
Non-IE browsers don’t appear to be affected, but I haven’t tested a wide range of browsers to be sure. Requests that come through from IE do NOT appear to encode all entities in the URL string, meaning they are inserted into output content directly by SSViewer::process when rewriting hashlinks, as...
Silverstripe IE requests not properly behaving with rewritehashlinks
Non-IE browsers don’t appear to be affected, but I haven’t tested a wide range of browsers to be sure. Requests that come through from IE do NOT appear to encode all entities in the URL string, meaning they are inserted into output content directly by SSViewer::process when rewriting hashlinks, as...
PT-2024-40096 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Silverstripe versions prior to a fixed version (affected versions not specified). Description: The issue affects Internet Explorer browsers, where requests do not encode all entities in the URL string. As a result, when rewriting hashlinks,...