296,147
Total vulnerabilities in the database
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators via vectors related to "form action requests" using a controller.
| Software | From | Fixed in |
|---|---|---|
| silverstripe / silverstripe | 2.3.4 | 2.3.4.x |
| silverstripe / silverstripe | 2.3.0-rc2 | 2.3.0-rc2.x |
| silverstripe / silverstripe | 2.3.7 | 2.3.7.x |
| silverstripe / silverstripe | 2.3.10 | 2.3.10.x |
| silverstripe / silverstripe | 2.3.1-rc2 | 2.3.1-rc2.x |
| silverstripe / silverstripe | 2.3.0-rc3 | 2.3.0-rc3.x |
| silverstripe / silverstripe | 2.3.3 | 2.3.3.x |
| silverstripe / silverstripe | 2.3.8 | 2.3.8.x |
| silverstripe / silverstripe | 2.3.1 | 2.3.1.x |
| silverstripe / silverstripe | 2.3.1-rc1 | 2.3.1-rc1.x |
| silverstripe / silverstripe | 2.3.5 | 2.3.5.x |
| silverstripe / silverstripe | 2.3.9 | 2.3.9.x |
| silverstripe / silverstripe | 2.3.6 | 2.3.6.x |
| silverstripe / silverstripe | 2.3.0 | 2.3.0.x |
| silverstripe / silverstripe | 2.3.2 | 2.3.2.x |
| silverstripe / silverstripe | 2.3.0-rc1 | 2.3.0-rc1.x |
| silverstripe / silverstripe | 2.4.1 | 2.4.1.x |
| silverstripe / silverstripe | 2.4.0 | 2.4.0.x |
| silverstripe / silverstripe | 2.4.2 | 2.4.2.x |
| silverstripe / silverstripe | 2.4.3 | 2.4.3.x |