CVE-2020-26138

CVE-2020-26138

EPSS 1.3%

In SilverStripe through 4.6.0-rc1, a FormField with square brackets in the field name skips validation.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://forum.silverstripe.org/c/releases https://www.silverstripe.org/blog/tag/release https://www.silverstripe.org/download/security-releases/https://www.silverstripe.org/download/security-releases/cve-2020-26138