
silverstripe — Vulnerabilities & Security Advisories (15)

Browse all 15 CVE security advisories affecting silverstripe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24749 | Silverstripe Assets Module has a DBFile::getURL() permission bypass — silverstripe-assets (CWE-863) | 5.3 | Medium | 2026-04-16 |
| CVE-2025-30148 | Silverstripe Framework has a XSS vulnerability in HTML editor — silverstripe-framework (CWE-79) | 5.4 | Medium | 2025-04-10 |
| CVE-2025-25197 | Silverstripe Elemental enables XSS attacks in elemental "Content blocks in use" reports — silverstripe-elemental (CWE-79) | 5.4 | Medium | 2025-04-10 |
| CVE-2024-53277 | Cross-site Scripting in form messages in silverstripe framework — silverstripe-framework (CWE-79) | 5.4 | Medium | 2025-01-14 |
| CVE-2024-47605 | Cross-site Scripting via insert media remote file oembed in silverstripe-asset-admin — silverstripe-asset-admin (CWE-79) | 5.4 | Medium | 2025-01-14 |
| CVE-2024-32981 | Cross-site Scripting vulnerability with encoded payload in silverstripe/framework — silverstripe-framework (CWE-79) | 5.4 | Medium | 2024-07-17 |
| CVE-2024-29885 | Reports are still accessible even when `canView()` returns false in silverstripe/reports — silverstripe-reports (CWE-200) | 4.3 | Medium | 2024-07-17 |
| CVE-2023-49783 | No permission checks for editing/deleting records with CSV import form — silverstripe-admin (CWE-863) | 4.3 | Medium | 2024-01-23 |
| CVE-2023-48714 | Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter — silverstripe-framework (CWE-200) | 4.3 | Medium | 2024-01-23 |
| CVE-2023-44401 | Silverstripe GraphQL's view permissions are bypassed for paginated lists of ORM data — silverstripe-graphql (CWE-863) | 5.3 | Medium | 2024-01-23 |
| CVE-2023-40180 | Denial of service vulnerability in silverstripe-graphql via recursive queries — silverstripe-graphql (CWE-400) | 7.5 | High | 2023-10-16 |
| CVE-2023-22729 | Silverstripe Framework has open redirect vulnerability on CMSSecurity relogin screen — silverstripe-framework (CWE-601) | 5.4 | Medium | 2023-04-26 |
| CVE-2023-22728 | Silverstripe Framework has missing permission check of canView in GridFieldPrintButton — silverstripe-framework (CWE-862) | 4.3 | Medium | 2023-04-26 |
| CVE-2023-28104 | silverstripe/graphql Denial of Service vulnerability — silverstripe-graphql (CWE-770) | 7.5 | High | 2023-03-16 |
| CVE-2022-29254 | Failed payment recorded has completed in silverstripe/silverstripe-omnipay — silverstripe-omnipay (CWE-436) | 3.7 | Low | 2022-06-06 |

This page lists every published CVE security advisory associated with silverstripe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.