EPSS
Percentile
33.8%
silverstripe/framework is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary Javascript into a user’s browser via the login and custom forms.
github.com/silverstripe/silverstripe-framework/pull/94
www.silverstripe.org/download/security-releases/cve-2019-19325