oss-sec mailing list archives
Cross site scripting vulnerability (XSS) in SilverStripe CMS & Framework v3.2.0
From: CSW Research Lab <disclose () cybersecurityworks com>
Date: Thu, 17 Dec 2015 03:38:04 +0000
Hi all can you please assign cve for this issue ? http://www.silverstripe.org/download/security-releases/ss-2015-026 Proof of Concept URL: ================= [+] http://localhost/Silverstripe/admin/security/EditForm/field/Members/item/new/ItemEditForm/ Parameter ============== [+] Locale [+] FailedLoginCount Credits & Authors ====================== Arjun Basnet from Cyber Security Works Pvt. Ltd. ( http://cybersecurityworks.com)
Current thread:
- Cross site scripting vulnerability (XSS) in SilverStripe CMS & Framework v3.2.0 CSW Research Lab (Dec 16)