CVE-2019-5715

All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versions of SilverStripe 4 prior to 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:silverstripe:silverstripe:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*
cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*
cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*
cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*
cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*

Information

Published : 2019-04-11 12:29

Updated : 2019-04-12 05:08


NVD link : CVE-2019-5715

Mitre link : CVE-2019-5715


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

silverstripe

  • silverstripe