Описание
Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination.
Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-5095
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56546
- http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.6
- http://groups.google.com/group/silverstripe-announce/browse_thread/thread/c75fbd7926ed2725?tvc=2&fwc=1
- http://secunia.com/advisories/38697
- http://www.openwall.com/lists/oss-security/2012/04/30/1
- http://www.openwall.com/lists/oss-security/2012/04/30/3
- http://www.openwall.com/lists/oss-security/2012/05/01/3
- http://www.osvdb.org/62541
- http://www.securityfocus.com/bid/38394
- http://www.silverstripe.org/security-releases
Связанные уязвимости
nvd
больше 13 лет назад
Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination.
debian
больше 13 лет назад
Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before ...