Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
H SQL Injection	silverstripe/framework >=4.0.0-rc1, <4.0.6 >=4.1.0-rc1, <4.1.4 >=4.2.0-rc1, <4.2.3	Composer	29 May 2024
M Cross-site Scripting (XSS)	getformwork/formwork <1.13.0	Composer	29 May 2024
M Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	magento/community-edition >=2.1, <2.1.15 >=2.2, <2.2.6	Composer	29 May 2024
M Information Exposure Through an Error Message	silverstripe/framework >=3.7.0-rc1, <3.7.1 >=4.0.0-rc1, <4.0.5 >=4.1.0-rc1, <4.1.3 >=4.2.0-rc1, <4.2.2	Composer	29 May 2024
M Cross-site Scripting (XSS)	silverstripe/comments >=1.3.0, <3.1.1	Composer	28 May 2024
L Information Exposure	silverstripe/framework >=3.5.5-rc1, <3.7.0 >=4.0.3-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
H Unrestricted Upload of File with Dangerous Type	silverstripe/framework >=3.6.5-rc1, <3.6.6 >=4.0.3-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M Information Exposure	silverstripe/framework >=4.0.0-rc1, <4.0.4 >=4.1.0rc1, <4.1.1	Composer	28 May 2024
H Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	silverstripe/framework >=4.0.3-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
H URL Redirection to Untrusted Site ('Open Redirect')	silverstripe/framework >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M Privilege Escalation	silverstripe/framework >=3.5.7-rc1, <3.5.8 >=3.6.0-rc1, <3.6.6 >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M Information Exposure	silverstripe/framework >=4.0.0-rc1, <4.0.1	Composer	28 May 2024
H Missing Encryption of Sensitive Data	silverstripe/framework >=3.5.0-rc1, <3.5.6 >=3.6.0-rc1, <3.6.3 >=4.0.0-rc1, <4.0.1	Composer	28 May 2024
H SQL Injection	silverstripe/framework >=3.5.0-rc1, <3.5.6 >=3.6.0-rc1, <3.6.3 >=4.0.0-rc1, <4.0.1	Composer	28 May 2024
H Session Fixation	silverstripe/framework >=3.5.0-rc1, <3.5.6 >=3.6.0-rc1, <3.6.3	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.4.0-rc1, <3.4.6 >=3.5.0-rc1, <3.5.4	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.4.0-rc1, <3.4.6 >=3.5.0-rc1, <3.5.4	Composer	28 May 2024
M Information Exposure	silverstripe/framework >=3.4.0-rc1, <3.4.6 >=3.5.0-rc1, <3.5.4	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.0-rc1, <3.1.21 >=3.2.0-rc1, <3.2.6 >=3.3.0-rc1, <3.3.4 >=3.4.0-rc1, <3.4.2	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.4.0-rc1, <3.4.4 >=3.5.0-rc1, <3.5.2	Composer	28 May 2024
L Insufficient Session Expiration	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Improper Authentication	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Missing Authorization	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
L Use of a One-Way Hash without a Salt	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Improper Input Validation	silverstripe/framework >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M Information Exposure	silverstripe/framework >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
H SQL Injection	dolibarr/dolibarr >=0.0.0	Composer	26 May 2024

APPLICATION

OPERATING SYSTEM