CVE-2021-41559

CVE-2021-41559

EPSS 1.0%

Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/silverstripe/silverstripe-framework/releases https://www.silverstripe.org/download/security-releases/https://www.silverstripe.org/download/security-releases/cve-2021-41559