SilverStripe Multiple Remote Vulnerabilities
SilverStripe is prone to multiple remote vulnerabilities, including:
1. A cross-site scripting vulnerability
2. An SQL-injection vulnerability
3. An information-disclosure vulnerability
Exploiting these issues could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, execute arbitrary script code, or steal cookie-based authentication credentials and gain access to sensitive information.
Versions prior to SilverStripe 2.4.4-rc1 and 2.3.10-rc1 are vulnerable.