Vulnerabilities (CVE)

Filtered by vendor Silverstripe Subscribe
Filtered by product Assets
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38724 1 Silverstripe 3 Asset Admin, Assets, Framework 2024-11-21 N/A 5.4 MEDIUM
Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS.
CVE-2022-29858 1 Silverstripe 1 Assets 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content.