Описание
Reflected Cross Site Scripting (XSS) in error message
If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.
Пакеты
Наименование
silverstripe/framework
composer
Затронутые версииВерсия исправления
< 5.3.8
5.3.8
Дефекты
CWE-79
Дефекты
CWE-79