www.silverstripe.org
213.170.156.3
Public Scan
URL:
https://www.silverstripe.org/download/security-releases/cve-2022-29858
Submission: On June 29 via api from NL — Scanned from NL
Form analysis
1 form found in the DOM:
<form class="search-form">
<input autocomplete="off" type="text" size="10" class="search-form__input st-default-search-input" name="search" aria-label="Search SilverStripe" spellcheck="false" placeholder="Search SilverStripe...">
<button class="search-form__button" type="submit">
<svg role="img" aria-label="Search" version="1.1" id="SearchIcon" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<title>Search</title>
<desc>Site search</desc>
<path class="search-svg" d="M445,386.7l-84.8-85.9c13.8-24.1,21-50.9,21-77.9c0-87.6-71.2-158.9-158.6-158.9C135.2,64,64,135.3,64,222.9
c0,87.6,71.2,158.9,158.6,158.9c27.9,0,55.5-7.7,80.1-22.4l84.4,85.6c1.9,1.9,4.6,3.1,7.3,3.1c2.7,0,5.4-1.1,7.3-3.1l43.3-43.8
C449,397.1,449,390.7,445,386.7z M222.6,125.9c53.4,0,96.8,43.5,96.8,97c0,53.5-43.4,97-96.8,97c-53.4,0-96.8-43.5-96.8-97
C125.8,169.4,169.2,125.9,222.6,125.9z"></path>
</svg>
</button>
</form>
Text Content
CVE-2022-29858 - Unpublished, protected files can be published via shortcode

Severity: Medium
Identifier: CVE-2022-29858
Versions Affected: silverstripe/assets: <=1.10.0
Versions Fixed: silverstripe/assets: 1.10.1
Base CVSS: 4.3
Reported by: ranjit-git via huntr.dev

Draft protected images can be published by changing an existing image shortcode on website content to match the ID of the draft protected image and then publishing the website content.

© SilverStripe Limited