CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32981 – Cross-site Scripting vulnerability with encoded payload in silverstripe/framework
https://notcve.org/view.php?id=CVE-2024-32981
Silverstripe framework is the PHP framework forming the base for the Silverstripe CMS. In affected versions a bad actor with access to edit content in the CMS could add send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitised on the client-side, but server-side sanitisation doesn't catch it. The server-side sanitisation logic has been updated to sanitise against this type of attack in version 5.2.16. All users are advised to upgrade. • https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1 https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg https://www.silverstripe.org/download/security-releases/cve-2024-32981 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29885 – Reports are still accessible even when `canView()` returns false in silverstripe/reports
https://notcve.org/view.php?id=CVE-2024-29885
silverstripe/reports is an API for creating backend reports in the Silverstripe Framework. In affected versions reports can be accessed by their direct URL by any user who has access to view the reports admin section, even if the `canView()` method for that report returns `false`. This issue has been addressed in version 5.2.3. All users are advised to upgrade. There are no known workarounds for this vulnerability. silverstripe/reports es una API para crear informes de backend en Silverstripe Framework. • https://github.com/silverstripe/silverstripe-reports/commit/0351106c18ad4246d983b5f4e082c09c382121f4 https://github.com/silverstripe/silverstripe-reports/security/advisories/GHSA-89q6-98xx-4ffw https://www.silverstripe.org/download/security-releases/cve-2024-29885 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-37421
https://notcve.org/view.php?id=CVE-2022-37421
Silverstripe silverstripe/cms through 4.11.0 allows XSS. El cms de Silverstripe hasta 4.11.0 permite XSS. • https://forum.silverstripe.org/c/releases https://www.silverstripe.org/blog/tag/release https://www.silverstripe.org/download/security-releases https://www.silverstripe.org/download/security-releases/CVE-2022-37421 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28803
https://notcve.org/view.php?id=CVE-2022-28803
In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR). En SilverStripe Framework versiones hasta 07-04-2022, un ataque de tipo XSS almacenado puede ocurrir en etiquetas de enlace javascript añadidas por medio de XMLHttpRequest (XHR) • https://silverstripe.org https://www.silverstripe.org/download/security-releases/cve-2022-28803 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24444
https://notcve.org/view.php?id=CVE-2022-24444
Silverstripe silverstripe/framework through 4.10 allows Session Fixation. Silverstripe silverstripe/framework versiones hasta 4.10, permite una Fijación de Sesión • https://docs.silverstripe.org/en/4/changelogs/4.10.1 https://forum.silverstripe.org/c/releases https://www.silverstripe.org/blog/tag/release https://www.silverstripe.org/download/security-releases https://www.silverstripe.org/download/security-releases/cve-2022-24444 • CWE-384: Session Fixation •