NotCVE - vendor:"Silverstripe" product:"Silverstripe" version:" <= 2.3.12"

Page 3 of 45 results (0.002 seconds)

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-12617

https://notcve.org/view.php?id=CVE-2019-12617

In SilverStripe through 4.3.3, there is access escalation for CMS users with limited access through permission cache pollution. En SilverStripe versiones hasta 4.3.3, se presenta una escalada de acceso para usuarios de CMS con acceso limitado mediante la contaminación de la caché de permisos. • https://forum.silverstripe.org/c/releases https://www.silverstripe.org/blog/tag/release https://www.silverstripe.org/download/security-releases https://www.silverstripe.org/download/security-releases/CVE-2019-12617 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-14272

https://notcve.org/view.php?id=CVE-2019-14272

In SilverStripe asset-admin 4.0, there is XSS in file titles managed through the CMS. En SilverStripe asset-admin versión 4.0, se presenta una vulnerabilidad de tipo XSS en los títulos de archivos administrados mediante el CMS. • https://forum.silverstripe.org/c/releases https://www.silverstripe.org/blog/tag/release https://www.silverstripe.org/download/security-releases https://www.silverstripe.org/download/security-releases/CVE-2019-14272 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-14273

https://notcve.org/view.php?id=CVE-2019-14273

In SilverStripe assets 4.0, there is broken access control on files. En SilverStripe assets versión 4.0, se presenta un control de acceso violado en los archivos. • https://forum.silverstripe.org/c/releases https://www.silverstripe.org/blog/tag/release https://www.silverstripe.org/download/security-releases https://www.silverstripe.org/download/security-releases/CVE-2019-14273 • CWE-552: Files or Directories Accessible to External Parties •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-12205

https://notcve.org/view.php?id=CVE-2019-12205

SilverStripe through 4.3.3 has Flash Clipboard Reflected XSS. SilverStripe versiones hasta 4.3.3, presenta una vulnerabilidad de tipo XSS Reflejada de Flash Clipboard. • https://forum.silverstripe.org/c/releases https://www.silverstripe.org/download/security-releases https://www.silverstripe.org/download/security-releases/CVE-2019-12205 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-12203

https://notcve.org/view.php?id=CVE-2019-12203

SilverStripe through 4.3.3 allows session fixation in the "change password" form. SilverStripe versiones hasta 4.3.3, permite la fijación de la sesión en el formulario "change password". • https://forum.silverstripe.org/c/releases https://www.silverstripe.org/download/security-releases https://www.silverstripe.org/download/security-releases/CVE-2019-12203 • CWE-384: Session Fixation •

1 2 3 4 5