silverstripe/subsites is vulnerable to privilege escalation. The vulnerability exists in FileSubsites.php
due to the lack of validation in file edit privileges, which allows an attacker to modify sensitive files inside the system.
github.com/advisories/GHSA-cx45-565q-6qx8
github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/subsites/CVE-2022-42949.yaml
github.com/silverstripe/silverstripe-subsites/commit/73f3d15bfb90ba779dd5498fcc5ae4ab292d6272
github.com/silverstripe/silverstripe-subsites/pull/498
www.silverstripe.org/download/security-releases/
www.silverstripe.org/download/security-releases/cve-2022-42949