Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Silverstripe silverstripe/cms through 4.11.0 allows XSS.
Silverstripe silverstripe/cms through 4.11.0 allows XSS.
Business Logic Errors in GitHub repository silverstripe/silverstripe-framework
Default SilverStripe GraphQL Server (aka silverstripe/graphql) permission checker is not inherited by query subclass.
SilverStripe Framework suffers from a XSS vulnerablity.