CVE-2023-40180 – Denial of service vulnerability in silverstripe-graphql via recursive queries
https://notcve.org/view.php?id=CVE-2023-40180
silverstripe-graphql is a package which serves Silverstripe data in GraphQL representations. An attacker could use a recursive GraphQL query to execute a Distributed Denial of Service (DDoS) attack against a website. This mostly affects websites with publicly exposed GraphQL schemas. If your Silverstripe CMS project does not expose a public-facing GraphQL schema, a user account is required to trigger the DDoS attack. If your site is hosted behind a content delivery network (CDN), such as Imperva or Cloudflare, this may further mitigate the risk.
References:
https://docs.silverstripe.org/en/developer_guides/graphql/security_and_best_practices/recursive_or_complex_queries
https://github.com/silverstripe/silverstripe-graphql/commit/f6d5976ec4608e51184b0db1ee5b9e9a99d2501c
https://github.com/silverstripe/silverstripe-graphql/security/advisories/GHSA-v23w-pppm-jh66
https://github.com/silverstripe/silverstripe-graphql/tree/3.8#recursive-or-complex-queries
https://www.silverstripe.org/download/security-releases/CVE-2023-40180
CWE-400: Uncontrolled Resource Consumption
CVE-2023-22729 – Silverstripe Framework has open redirect vulnerability on CMSSecurity relogin screen
https://notcve.org/view.php?id=CVE-2023-22729
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.
References:
https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77
https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2023-22728 – Silverstripe Framework has missing permission check of canView in GridFieldPrintButton
https://notcve.org/view.php?id=CVE-2023-22728
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects, potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.
References:
https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58
https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm
CWE-862: Missing Authorization
CVE-2023-28104 – silverstripe/graphql Denial of Service vulnerability
https://notcve.org/view.php?id=CVE-2023-28104
`silverstripe/graphql` serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted GraphQL query to execute a denial of service attack against a website which has a publicly exposed GraphQL endpoint. This mostly affects websites with particularly large/complex GraphQL schemas. Users should upgrade to `silverstripe/graphql` 4.2.3 or 4.1.2 to remedy the vulnerability.
References:
https://github.com/silverstripe/silverstripe-graphql/pull/526
https://github.com/silverstripe/silverstripe-graphql/releases/tag/4.1.2
https://github.com/silverstripe/silverstripe-graphql/releases/tag/4.2.3
https://github.com/silverstripe/silverstripe-graphql/security/advisories/GHSA-67g8-c724-8mp3
CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2022-42949
https://notcve.org/view.php?id=CVE-2022-42949
Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions.
References:
https://www.silverstripe.org/download/security-releases
https://www.silverstripe.org/download/security-releases/cve-2022-42949
CWE-732: Incorrect Permission Assignment for Critical Resource