SS-2017-001: XSS In page name (and a question)

20 views

Skip to first unread message

Patrick Nelson

unread,

Feb 7, 2017, 10:23:22 PM2/7/17

to silverst...@googlegroups.com

I noticed a low severity vulnerability was posted in our security releases page here:

https://www.silverstripe.org/download/security-releases/ss-2017-001/

I'm having trouble understanding the description. Could someone please provide a more detailed explanation, or better, a PoC for this as well as a context? I presume this requires CMS access.

Reply all

Reply to author

Forward

0 new messages