3 matches found
Silverstripe XSS in dev/build returnURL Parameter
A XSS risk exists in the returnURL parameter passed to dev/build. An unvalidated url could cause the user to redirect to an unverified third party url outside of the site. This issue is resolved in framework 3.1.14 stable release...
GHSA-HQ4P-5MPR-JJ9M Silverstripe XSS in dev/build returnURL Parameter
A XSS risk exists in the returnURL parameter passed to dev/build. An unvalidated url could cause the user to redirect to an unverified third party url outside of the site. This issue is resolved in framework 3.1.14 stable release...
EasySNS V1.6 Frontend Arbitrary File Download Vulnerability
ESPHP development framework based on the development of EasySNS minimalist community for the new database architecture and program structure.ESPHP is a self-developed set of PHP source code framework. EasySNS V1.6 in the program implementation of arbitrary file download vulnerability, attackers c...