Vulnerabilities > Silverstripe > Silverstripe > 4.5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-15 | CVE-2020-9280 | Unrestricted Upload of File with Dangerous Type vulnerability in Silverstripe In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. | 5.0 |
2020-02-17 | CVE-2019-19325 | Cross-site Scripting vulnerability in Silverstripe SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. | 4.3 |