Skip to content

Silverstripe XSS in dev/build returnURL Parameter

Moderate severity GitHub Reviewed Published May 23, 2024 to the GitHub Advisory Database • Updated May 23, 2024

Package

composer silverstripe/framework (Composer)

Affected versions

< 3.1.14

Patched versions

3.1.14

Description

A XSS risk exists in the returnURL parameter passed to dev/build. An unvalidated url could cause the user to redirect to an unverified third party url outside of the site.

This issue is resolved in framework 3.1.14 stable release.

References

Published to the GitHub Advisory Database May 23, 2024
Reviewed May 23, 2024
Last updated May 23, 2024

Severity

Moderate
4.7
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
High
Privileges required
None
User interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-hq4p-5mpr-jj9m

Source code

Checking history
See something to contribute? Suggest improvements for this vulnerability.