CVE-2021-36150
packagist/silverstripe/framework
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
SilverStripe Framework allows XSS.
All versions starting from 1.0.0 before 1.8.1, all versions after 1.9.0 up to 4.8.1
Upgrade to version 4.9.0 or above.
2021-10-18
source |