Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-38724 | 1 Silverstripe | 3 Asset Admin, Assets, Framework | 2022-11-28 | N/A | 5.4 MEDIUM |
Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS. | |||||
CVE-2022-29858 | 1 Silverstripe | 1 Assets | 2022-07-07 | 4.0 MEDIUM | 4.3 MEDIUM |
Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content. |