📦

framework

Vendor: silverstripe

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 17 Total Indexed

Avg. EPSS 0.44% Exploit Prob.

Latest CVE CVE-2025-30148 Apr 10

Security Vulnerability Index

Page 2 / 2

5.4 CVSS

CVE-2022-38724

Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS.

EPSS: 0.46%

Severity: MEDIUM

Nov 23, 2022

6.1 CVSS

CVE-2022-38462

Silverstripe silverstripe/framework through 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request.

EPSS: 0.84%

Severity: MEDIUM

Nov 22, 2022

8.8 CVSS

CVE-2022-38148

Silverstripe silverstripe/framework through 4.11 allows SQL Injection.

EPSS: 0.29%

Severity: HIGH

Nov 21, 2022

5.4 CVSS

CVE-2022-38146

Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 of 3).

EPSS: 0.32%

Severity: MEDIUM

Nov 21, 2022

5.4 CVSS

CVE-2022-25238

Silverstripe silverstripe/framework through 4.10.0 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitise_server_side contig is not set to true in project code.

EPSS: 0.34%

Severity: MEDIUM

Jun 28, 2022

Displaying 5 of 17 Total Entries

1 2

Total 2 Sections