CVE-2020-26136

CVE-2020-26136

EPSS 1.2%

In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-factor authentication) when using basic authentication.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://forum.silverstripe.org/c/releases https://www.silverstripe.org/blog/tag/release https://www.silverstripe.org/download/security-releases/https://www.silverstripe.org/download/security-releases/cve-2020-26136