Latest Vulnerabilities Affecting Silverstripe products

Date	CVE	Title	CVSS
2019-06-11	CVE-2019-12149	SQL Injection vulnerability in Silverstripe Registry and Restfulserver	High
2019-04-11	CVE-2019-5715	SQL Injection vulnerability in Silverstripe	High
2018-01-23	CVE-2017-18049	Injection vulnerability in Silverstripe	Medium
2017-10-12	CVE-2017-12849	Information Leak / Disclosure vulnerability in Silverstripe 3.5.4/3.6.0	Medium
2017-09-15	CVE-2017-14498	Cross-Site Scripting (XSS) vulnerability in Silverstripe 3.6.0	Medium
2017-03-06	CVE-2017-5197	Cross-Site Scripting (XSS) vulnerability in Silverstripe 3.4.3/3.5.0/3.5.1	Medium
2016-04-13	CVE-2015-8606	Cross-Site Scripting (XSS) vulnerability in Silverstripe 3.1.15/3.2.0	Medium
2015-06-24	CVE-2015-5062	SilverStripe CVE-2015-5062 Open Redirection and Cross Site Scripting Vulnerabilities	Medium
2015-06-24	CVE-2015-5063	Cross-Site Scripting (XSS) vulnerability in Silverstripe 3.1.13	Medium
2014-04-08	CVE-2011-4958	Cross-Site Scripting (XSS) vulnerability in Silverstripe	Medium
2013-11-13	CVE-2013-6789	Information Leak / Disclosure vulnerability in Silverstripe 3.0.3	Medium
2013-11-13	CVE-2013-2653	Input Validation vulnerability in Silverstripe 3.0.3	Medium
2013-08-09	CVE-2012-6458	Cross-Site Scripting (XSS) vulnerability in Silverstripe 3.0.0	Medium
2012-09-17	CVE-2010-4823	Cross-Site Scripting (XSS) vulnerability in Silverstripe	Medium
2012-09-17	CVE-2010-4824	SQL Injection vulnerability in Silverstripe	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.