CVE-2019-12204

Published: Sep 25, 2019
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-12204" target="_blank" rel="noopener"> CVE-2019-12204
GHSA: <a href="https://github.com/advisories/GHSA-cg8j-8w52-735v" target="_blank" rel="noopener"> GHSA-cg8j-8w52-735v
Severity: Critical
Exploit:

In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.

CVSS v3:

CVSS v2:

No CWE or OWASP classifications available.

Vulnerability Database