CRITICAL9.8CVE-2019-12204Missing warning can lead to unauthenticated admin access in SilverStripe >= 4.4.0, < 4.4.4
HIGH8.8CVE-2020-9309Silverstripe CMS malicious file upload enables script execution from 0, <= 4.5.0
from 0, <= 4.5.0
MEDIUM6.1Silverstripe CMS XSS Vulnerability
from 0, < 3.6.1
MEDIUM6.1Silverstripe CMS XSS Vulnerability
from 0, < 3.4.4
MEDIUM6.1Silverstripe CMS XSS Vulnerability
from 0, < 3.1.16
MEDIUM5.4Silverstipe CMS Stored XSS in custom meta tags
>= 4.0.0, < 4.11.3
MEDIUM5.4Silverstripe CMS XSS Vulnerability
from 0, <= 4.5.0
MEDIUM5.3Silverstripe CMS User Enumeration
from 0, < 3.5.5
—Silverstripe CMS Arbitrary Code Execution
>= 2.4.0, < 2.4.6
—Silverstripe CMS Open Redirect
from 0, <= 3.1.13
—SilverStripe vulnerable to Cross-site Scripting
from 0, < 2.3.5