| Title |
Severity |
Exploit |
Date |
Affected Version |
|
Silverstripe X-Forwarded-Host request hostname injection
|
High
|
|
May 23, 2024
|
>= 3.1.0 < 3.1.13
|
|
Silverstripe XSS in Director::force_redirect()
|
Medium
|
|
May 23, 2024
|
>= 3.1.0 < 3.1.12
|
|
Silverstripe XSS In FormAction
|
Medium
|
|
May 23, 2024
|
>= 3.1.0 < 3.1.10
|
|
Silverstripe XSS In rewritten hash links
|
Medium
|
|
May 23, 2024
|
< 3.0.13
>= 3.1.0 < 3.1.12
|
|
Silverstripe XSS In GridField print
|
Medium
|
|
May 23, 2024
|
>= 3.1.0 < 3.1.10
|
|
Silverstripe XSS in TreeDropdownField and TreeMultiSelectField
|
Medium
|
|
May 23, 2024
|
>= 3.1.0 < 3.1.10
|
|
SilverStripe framework XML Quadratic Blowup Attack
|
Medium
|
|
May 23, 2024
|
< 3.1.12
|
|
Silverstripe IE requests not properly behaving with rewritehashlinks
|
Medium
|
|
May 23, 2024
|
< 3.0.13
>= 3.1.0 < 3.1.12
|
|
CVE-2023-48714
|
Low
|
|
Jan 23, 2024
|
< 4.13.39
>= 5.0.0 < 5.1.11
|
|
CVE-2023-32302
|
Low
|
|
Aug 1, 2023
|
>= 5.0.0 < 5.0.13
>= 3.0.0 < 4.13.14
|
silverstripe / framework