GHSA-xc69-p8fc-m6m5: silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source)
There is a low level potential SQL injection vulnerability in the silverstripe/subsites module has been identified and fixed in version 2.1.1.
References
- github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/subsites/SS-2018-016-1.yaml
- github.com/advisories/GHSA-xc69-p8fc-m6m5
- github.com/silverstripe/silverstripe-subsites
- github.com/silverstripe/silverstripe-subsites/commit/bf2c81dce62ae9a7623d224fd31a39505260eb57
- www.silverstripe.org/download/security-releases/ss-2018-016
Code Behaviors & Features
Detect and mitigate GHSA-xc69-p8fc-m6m5 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →