Silverstripe: >> Assets >> 1.0.2 Security Vulnerabilities
Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-11-23
Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-06-28