CVE-2022-38146
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/silverstripe/admin
Identifiers
GHSA-44xv-v98g-v79f, CVE-2022-38146
Package Slug
packagist/silverstripe/admin
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 of 3).
Affected Versions
All versions starting from 1.0.0 before 1.11.3
Solution
Upgrade to version 1.11.3 or above.
Last Modified
2022-11-22
| source |