Exposição de Silverstripe
CMS13
score de exposição
2.635
sites usam
0
em exploração
0
críticos
CVEs
15 resultadosCVE-2024-47605MEDIUMCross-site Scripting via insert media remote file oembed in silverstripe-asset-adminEPSS 1.1%CVE-2023-28104HIGHsilverstripe/graphql Denial of Service vulnerabilityEPSS 1.1%CVE-2023-40180HIGHDenial of service vulnerability in silverstripe-graphql via recursive queriesEPSS 0.9%CVE-2022-29254LOWFailed payment recorded has completed in silverstripe/silverstripe-omnipayEPSS 0.6%CVE-2023-22728MEDIUMSilverstripe Framework has missing permission check of canView in GridFieldPrintButtonEPSS 0.5%CVE-2023-22729MEDIUMSilverstripe Framework has open redirect vulnerability on CMSSecurity relogin screen EPSS 0.4%CVE-2023-44401MEDIUMSilverstripe GraqhQL's view permissions are bypassed for paginated lists of ORM dataEPSS 0.4%CVE-2024-29885MEDIUMReports are still accessible even when `canView()` returns false in silverstripe/reportsEPSS 0.4%CVE-2026-24749MEDIUMSilverstripe Assets Module has a DBFile::getURL() permission bypassEPSS 0.4%CVE-2023-48714MEDIUMRecord titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleterEPSS 0.4%CVE-2023-49783MEDIUMNo permission checks for editing/deleting records with CSV import formEPSS 0.3%CVE-2024-32981MEDIUMCross-site Scripting vulnerability with encoded payload in silverstripe/frameworkEPSS 0.3%CVE-2024-53277MEDIUMCross-site Scripting in form messages in silverstripe frameworkEPSS 0.3%CVE-2025-25197MEDIUMSilverstripe Elemental enables XSS attacks in elemental "Content blocks in use" reportsEPSS 0.3%CVE-2025-30148MEDIUMSilverstripe Framework has a XSS vulnerability in HTML editorEPSS 0.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →