Lucene search

K

Veracode Vulnerability DatabaseVERACODE:47573

HistoryJun 17, 2024 - 8:22 a.m.

Unauthorized Access

2024-06-1708:22:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5

silverstripe

unauthorized access

vulnerability

url parameters

debugging tools

development

AI Score

6.8

Confidence

Low

SilverStripe is vulnerable to Unauthorized Access. The vulnerability is due to failure to restrict access via the URL parameters isDev and isTest with debugging tools intended only for development (“dev mode”), which allows unauthenticated users to expose sensitive debugging information typically hidden in production environments, such as verbose errors and backtraces.

AI Score

6.8

Confidence

Low