silverstripe/framework is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper validation allowing users to specify a non-URL malicious script as the redirection path, which executes within the browser when the URL is followed.