CVE-2021-36150
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/silverstripe/framework
Identifiers
CVE-2021-36150
Package Slug
packagist/silverstripe/framework
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
SilverStripe Framework allows XSS.
Affected Versions
All versions starting from 1.0.0 before 1.8.1, all versions after 1.9.0 up to 4.8.1
Solution
Upgrade to version 4.9.0 or above.
Last Modified
2021-10-18
| source |