Security Advisories - silverstripe/framework

silverstripe/framework Security Advisories for 4.3.3 (31)

[MEDIUM] CVE-2024-32981 - XSS Vulnerability with text/html base64-encoded payload

PKSA-jndv-7cgy-xwm3 CVE-2024-32981 GHSA-chx7-9x8h-r5mg

Affected version: <5.2.16

Reported by:
GitHub, FriendsOfPHP/security-advisories
SS-2024-001 - TinyMCE allows svg files linked in object tags

PKSA-8tf6-2hv5-c6tq

Affected version: <5.2.16

Reported by:
FriendsOfPHP/security-advisories
[MEDIUM] CVE-2023-48714 Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter

PKSA-vcdc-4796-kn58 CVE-2023-48714 GHSA-qm2j-qvq3-j29v

Affected version: >=3.0.0,<4.0.0|>=4.0.0,<4.13.39|>=5.0.0,<5.1.11

Reported by:
GitHub, FriendsOfPHP/security-advisories
[LOW] CVE-2023-32302 - Members with no password can be created and bypass custom login forms

PKSA-2t2m-vnwy-55q7 CVE-2023-32302 GHSA-36xx-7vf6-7mv3

Affected version: >=3.0.0,<4.13.14|>=5.0.0,<5.0.13

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2023-22729 - Open redirect vulnerability on CMSSecurity relogin screen

PKSA-hkbw-7cv6-kp2b CVE-2023-22729 GHSA-fw84-xgm8-9jmv

Affected version: >=4.0.0,<4.12.5

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2023-22728 - Missing permission check in GridFieldPrintButton

PKSA-r31r-w74j-z58p CVE-2023-22728 GHSA-jh3w-6jp2-vqqm

Affected version: >=4.0.0,<4.12.5

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2022-28803: Stored XSS in link tags added via XHR

PKSA-d1c8-bxwg-9sbf CVE-2022-28803 GHSA-rppc-655v-7j3c

Affected version: >=4.0.0,<4.10.9

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2022-25238: Stored XSS via HTML fields

PKSA-pwy1-2c1j-9m7p CVE-2022-25238 GHSA-jx34-gqqq-r6gm

Affected version: >=4.0.0,<4.10.9

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2021-41559: Quadratic blowup in Convert::xml2array()

PKSA-9b8c-khwh-k6t3 CVE-2021-41559 GHSA-9fmg-89fx-r33w

Affected version: >=4.0.0,<4.10.9

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] SilverStripe XXE Vulnerability in CSSContentParser

PKSA-b5cb-66pw-rz2d CVE-2020-25817 GHSA-3vjc-5x79-m9r8

Affected version: >=4.0.0,<4.7.4

Reported by:
GitHub
[HIGH] SilverStripe Folders migrated from 3.x may be unsafe to upload to

PKSA-b4jh-m6fk-qfqf CVE-2020-9280 GHSA-592m-4533-rxq9

Affected version: >=4.0.0,<4.4.6

Reported by:
GitHub
[MEDIUM] Business Logic Errors in SilverStripe Framework

PKSA-7j38-hj68-r82v CVE-2022-0227 GHSA-32m2-9f76-4gv8

Affected version: <4.10.1

Reported by:
GitHub
[MEDIUM] CVE-2022-38724 - XSS in shortcodes

PKSA-nv1s-bg97-dttr CVE-2022-38724 GHSA-9cx2-hj6m-fv58

Affected version: >=4.0.0,<4.11.13

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2022-38462 - Reflected XSS in querystring parameters

PKSA-w2s3-shwy-3fdb CVE-2022-38462 GHSA-vvxf-r4vm-2vm6

Affected version: >=4.0.0,<4.11.13

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] CVE-2022-38148 - Blind SQL Injection via GridFieldSortableHeader

PKSA-66v9-dz78-mbvh CVE-2022-38148 GHSA-rr8h-f97q-8p9c

Affected version: >=4.0.0,<4.10.11|>=4.11.0,<4.11.14

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2022-37429 - Stored XSS using HTMLEditor

PKSA-6c76-jv2c-jdb2 CVE-2022-37429 GHSA-wc6r-4ggc-79w5

Affected version: >=4.0.0,<4.11.13

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2022-37430 - Stored XSS using uppercase characters in HTMLEditor

PKSA-vhcz-xnb3-24gr CVE-2022-37430 GHSA-qw4w-vq8v-2wcv

Affected version: >=4.0.0,<4.11.13

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2020-26138 FormField: with square brackets in field name skips validation

PKSA-pq7g-1pwh-dw3n CVE-2020-26138 GHSA-7mv4-4xpg-xq44

Affected version: >=3.0.0,<4.0.0|>=4.0.0,<4.7.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
CVE-2021-25817 XXE: Vulnerability in CSSContentParser

PKSA-pkf7-4y19-7jgw CVE-2021-25817

Affected version: >=4.0.0,<4.7.4

Reported by:
FriendsOfPHP/security-advisories
[HIGH] CVE-2020-6164: Information disclosure on /interactive URL path

PKSA-zhcm-grw1-sw1m CVE-2020-6164 GHSA-gm5x-hpmw-xpxg

Affected version: >=4.0.0,<4.4.7|>=4.5.0,<4.5.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-19326: Web Cache Poisoning through HTTPRequestBuilder

PKSA-75gp-x5bj-hcwc CVE-2019-19326 GHSA-q9ff-3q93-fm8m

Affected version: >=4.0.0,<4.4.7|>=4.5.0,<4.5.4|>=3.0.0,<3.7.5

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-19325: XSS through non-scalar FormField attributes

PKSA-cttv-q8kk-m71w CVE-2019-19325 GHSA-qvrv-2x7x-78x2

Affected version: >=4.0.0,<4.4.5|>=4.5.0,<4.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] Lack of access control on upoaded files

PKSA-5yvt-vswv-zn54 CVE-2019-12245 GHSA-jvx5-rm6q-gx7p

Affected version: >=4.4.0,<4.4.4|>=4.0.0,<4.3.6|>=3.7.0,<3.7.4|<3.6.8

Reported by:
GitHub
[LOW] CVE-2019-12617: Access escalation for CMS users with limited access through permission cache pollution

PKSA-5rys-h48p-tw2m CVE-2019-12617 GHSA-6r58-4xgr-gm6m

Affected version: >=4.3.0,<4.3.5|>=4.4.0,<4.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-14272: XSS in file titles managed through the CMS

PKSA-qgy1-mwbw-7ywr CVE-2019-14272 GHSA-jgw2-f5mx-rg7h

Affected version: >=4.0.0,<4.3.5|>=4.4.0,<4.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-14273: Broken Access control on files

PKSA-g9hg-jbs3-qz4m CVE-2019-14273 GHSA-43jj-2rwc-2m3f

Affected version: >=4.0.0,<4.3.5|>=4.4.0,<4.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-16409: Secureassets and versionedfiles modules can expose versions of protected files

PKSA-wp9q-nw9g-sv7t CVE-2019-16409 GHSA-xm6j-x342-gwq9

Affected version: >=4.0.0,<4.3.5|>=4.4.0,<4.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[CRITICAL] CVE-2019-12204: Missing warning on install.php on public webroot can lead to unauthenticated admin access

PKSA-5v3s-v315-b3zz CVE-2019-12204 GHSA-cg8j-8w52-735v

Affected version: >=4.1.0,<4.3.5|>=4.4.0,<4.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-12205: Clipboard Reflected XSS

PKSA-89c6-sr3z-fq77 CVE-2019-12205 GHSA-rfvw-5848-gxc5

Affected version: >=3.0.0,<3.9.99|>=4.3.0,<4.3.5|>=4.4.0,<4.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-12203: Session fixation in "change password" form

PKSA-wh2k-pccc-jn5p CVE-2019-12203 GHSA-w7r7-r8r9-vrg2

Affected version: >=3.6.0,<3.6.8|>=3.7.0,<3.7.4|>=4.0.0,<4.3.5|>=4.4.0,<4.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] CVE-2019-12246: Denial of Service on flush and development URL tools

PKSA-9415-sntm-q9m8 CVE-2019-12246 GHSA-5fr8-xhqq-4p3q

Affected version: >=4.0.0,<4.4.0|>=4.1.0,<4.4.0|>=4.2.0,<4.4.0|>=4.3.0,<4.4.0

Reported by:
GitHub, FriendsOfPHP/security-advisories

silverstripe/framework Security Advisories for 4.3.3 (31)

[MEDIUM] CVE-2024-32981 - XSS Vulnerability with text/html base64-encoded payload

SS-2024-001 - TinyMCE allows svg files linked in object tags

[MEDIUM] CVE-2023-48714 Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter

[LOW] CVE-2023-32302 - Members with no password can be created and bypass custom login forms

[MEDIUM] CVE-2023-22729 - Open redirect vulnerability on CMSSecurity relogin screen

[MEDIUM] CVE-2023-22728 - Missing permission check in GridFieldPrintButton

[MEDIUM] CVE-2022-28803: Stored XSS in link tags added via XHR

[MEDIUM] CVE-2022-25238: Stored XSS via HTML fields

[MEDIUM] CVE-2021-41559: Quadratic blowup in Convert::xml2array()

[MEDIUM] SilverStripe XXE Vulnerability in CSSContentParser

[HIGH] SilverStripe Folders migrated from 3.x may be unsafe to upload to

[MEDIUM] Business Logic Errors in SilverStripe Framework

[MEDIUM] CVE-2022-38724 - XSS in shortcodes

[MEDIUM] CVE-2022-38462 - Reflected XSS in querystring parameters

[HIGH] CVE-2022-38148 - Blind SQL Injection via GridFieldSortableHeader

[MEDIUM] CVE-2022-37429 - Stored XSS using HTMLEditor

[MEDIUM] CVE-2022-37430 - Stored XSS using uppercase characters in HTMLEditor

[MEDIUM] CVE-2020-26138 FormField: with square brackets in field name skips validation

CVE-2021-25817 XXE: Vulnerability in CSSContentParser

[HIGH] CVE-2020-6164: Information disclosure on /interactive URL path

[MEDIUM] CVE-2019-19326: Web Cache Poisoning through HTTPRequestBuilder

[MEDIUM] CVE-2019-19325: XSS through non-scalar FormField attributes

[MEDIUM] Lack of access control on upoaded files

[LOW] CVE-2019-12617: Access escalation for CMS users with limited access through permission cache pollution

[MEDIUM] CVE-2019-14272: XSS in file titles managed through the CMS

[MEDIUM] CVE-2019-14273: Broken Access control on files

[MEDIUM] CVE-2019-16409: Secureassets and versionedfiles modules can expose versions of protected files

[CRITICAL] CVE-2019-12204: Missing warning on install.php on public webroot can lead to unauthenticated admin access

[MEDIUM] CVE-2019-12205: Clipboard Reflected XSS

[MEDIUM] CVE-2019-12203: Session fixation in "change password" form

[MEDIUM] CVE-2019-12246: Denial of Service on flush and development URL tools