CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
Silverstripe silverstripe/cms through 4.11.0 allows XSS. | 5.4 |
Medium |
||
In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR). | 5.4 |
Medium |
||
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document. | 6.5 |
Medium |