silverstripe/framework is vulnerable to improper input validation. The vulnerability exists in the validate
function of FileField.php
because FileField does not properly validate single file upload which allows a malicious attacker to upload multiple files by adding square brackets.
forum.silverstripe.org/c/releases
github.com/advisories/GHSA-7mv4-4xpg-xq44
github.com/silverstripe/silverstripe-framework/commit/06dbd5237b97891239b2b1334e3c03f08ba70eb0
github.com/silverstripe/silverstripe-framework/releases/tag/4.7.4
www.silverstripe.org/blog/tag/release
www.silverstripe.org/download/security-releases/
www.silverstripe.org/download/security-releases/cve-2020-26138