GHSA-34q6-xqxh-gq39 – silverstripe/framework

Package

Manager: composer
Name: silverstripe/framework
Vulnerable Version: >=0 <3.0.13 || >=3.1.0 <3.1.12

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

EPSS: N/A pctlN/A

Details

Silverstripe XSS In rewritten hash links A high level XSS vulnerability has been discovered in the SilverStripe framework which causes links containing hash anchors (E.g. href="#anchor") to be rewritten in an unsafe way. The rewriteHashlinks option on SSViewer will rewrite these to contain the current url, although without adequate escaping, meaning that HTML could be injected via injecting unsafe values to any page via the querystring. Due to the nature of this issue it is likely that a large number of SilverStripe sites are affected.

Metadata

Created: 2024-05-23T15:21:44Z
Modified: 2024-05-23T15:21:44Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-34q6-xqxh-gq39/GHSA-34q6-xqxh-gq39.json
CWE IDs: ["CWE-79"]
Alternative ID: N/A
Finding: F008
Auto approve: 1