Lucene search
Veracode Vulnerability DatabaseVERACODE:47577HistoryJun 17, 2024 - 9:03 a.m.
Privilege Escalation
2024-06-1709:03:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
silverstripe/framework
privilege escalation
cms fields
vulnerability
directgroups
groups relation
edit_permissions
security section
AI Score
7.3
Confidence
High
silverstripe/framework is vulnerable to Privilege Escalation. The vulnerability is due to the CMS Fields for members being constructed using DirectGroups instead of Groups relation. The vulnerability allows attacker with EDIT_PERMISSIONS and access to the βSecurityβ section to escalate their privileges within the system.
AI Score
7.3
Confidence
High