Vulnerability Database

296,172

Total vulnerabilities in the database

silverstripe/framework has Cross-site Scripting vulnerability in CMSSecurity BackURL

In follow up to SS-2016-001 there is yet a minor unresolved fix to incorrectly encoded URL.

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
Composer icon silverstripe / framework 3.1.0-rc1 3.1.21
Composer icon silverstripe / framework 3.2.0-rc1 3.2.6
Composer icon silverstripe / framework 3.3.0-rc1 3.3.4
Composer icon silverstripe / framework 3.4.0-rc1 3.4.2