
Silverstripe CSRF vulnerability in GridFieldAddExistingAutocompleter

Moderate severity GitHub Reviewed Published May 23, 2024 to the GitHub Advisory Database • Updated May 23, 2024

Package

silverstripe/framework (Composer)

Affected versions

<= 3.1.16
>= 3.2.0, <= 3.2.1
>= 3.3.0-beta1, <= 3.3.0-rc2

Patched versions

3.1.17
3.2.2
3.3.0

Description

GridField does not have sufficient CSRF protection: in some cases a user who is logged in to the CMS can be tricked, via an external website, into submitting unspecified data to the CMS. Amongst other default CMS interfaces, GridField is used for management of groups, users and permissions in the CMS.

The resolution for this issue is to ensure that every gridFieldAlterAction submission is checked for a valid SecurityID token before it is processed.
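The fix the advisory describes is the standard anti-CSRF pattern: a per-session secret is embedded in the legitimate form as the SecurityID field, and a state-changing handler refuses any submission that does not carry it. The following is an added, standalone PHP illustration of that pattern; it is not Silverstripe's own code (Silverstripe ships its own SecurityToken helper for this), and every function name, the session array and the sample requests are constructed for the example. Only the field name SecurityID comes from the advisory.

```php
<?php
// Added example (not Silverstripe's own code): the CSRF-token check the
// advisory's fix describes, as plain PHP. "SecurityID" is the field name from
// the advisory; every function name below is hypothetical.

declare(strict_types=1);

/** Issue a per-session token and keep the authoritative copy server-side. */
function issueSecurityId(array &$session): string
{
    if (empty($session['SecurityID'])) {
        $session['SecurityID'] = bin2hex(random_bytes(32)); // 256 bits, unguessable
    }
    return $session['SecurityID'];
}

/** Render the token as a hidden field; only a same-origin page can read it. */
function securityIdField(array &$session): string
{
    $token = htmlspecialchars(issueSecurityId($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="SecurityID" value="' . $token . '">';
}

/** Constant-time comparison of the submitted token against the session copy. */
function isValidSecurityId(array $post, array $session): bool
{
    $submitted = $post['SecurityID'] ?? '';
    $expected  = $session['SecurityID'] ?? '';
    return $expected !== '' && is_string($submitted) && hash_equals($expected, $submitted);
}

/**
 * Hypothetical alter-action handler. The unpatched behaviour the advisory
 * describes amounts to skipping the token check and acting on any POST.
 * Returns a small result array instead of touching a real CMS.
 */
function handleGridFieldAlterAction(array $post, array $session): array
{
    if (!isValidSecurityId($post, $session)) {
        // Reject before any state changes; the log line is useful for detection.
        error_log('gridFieldAlterAction rejected: missing or invalid SecurityID');
        return ['status' => 400, 'applied' => false];
    }
    // ... perform the requested change (e.g. add an existing record to the relation) ...
    return ['status' => 200, 'applied' => true, 'action' => $post['action'] ?? null];
}

// Constructed sample requests. A cross-site form post cannot include the
// session's token, so it arrives without SecurityID and is refused.
$session = [];
$field   = securityIdField($session);          // rendered into the legitimate CMS form
$forged  = ['action' => 'addto', 'id' => 42];  // no SecurityID
$genuine = $forged + ['SecurityID' => $session['SecurityID']];

var_dump(handleGridFieldAlterAction($forged, $session)['applied']);
var_dump(handleGridFieldAlterAction($genuine, $session)['applied']);
```

Running the script shows the forged request returning `applied => false` and the genuine one `applied => true`. The important properties are that the token is bound to the session, compared with `hash_equals` rather than `==`, and checked before any write happens, which is exactly the gap the patched versions close for gridFieldAlterAction submissions.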

References

Published to the GitHub Advisory Database May 23, 2024
Reviewed May 23, 2024
Last updated May 23, 2024

Severity

Moderate
4.3 / 10

CVSS base metrics

Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-2hpc-mf4q-j885