silverstripe/versioned-admin is vulnerable to cross-site scripting.The vulnerability exists in the Value()
function of DiffField.php
due to non-html fields in diff which allows an attacker to inject and execute malicious JavaScript via compare mode.
forum.silverstripe.org/c/releases
github.com/advisories/GHSA-66jf-xm2m-7m8r
github.com/silverstripe/silverstripe-versioned-admin/commit/aef67c5b91f6e597cb502d8d7c999d483cc481f7
github.com/silverstripe/silverstripe-versioned-admin/pull/264
www.silverstripe.org/blog/tag/release
www.silverstripe.org/download/security-releases/
www.silverstripe.org/download/security-releases/CVE-2022-38145