GHSA-vgxh-x8jv-hmff
Suggest an improvement- Source
- https://github.com/advisories/GHSA-vgxh-x8jv-hmff
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-vgxh-x8jv-hmff/GHSA-vgxh-x8jv-hmff.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-vgxh-x8jv-hmff
- Published
- 2024-05-27T23:07:35Z
- Modified
- 2024-12-02T05:33:05.449583Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- silverstripe/framework code execution vulnerability
- Details
-
There is a vulnerability whereby arbitrary global functions may be executed if malicious user input is passed through to in the second argument of
ViewableData::renderWith. This argument resolves associative arrays as template placeholders. This exploit requires that user code has been written which makes use of the second argument inrenderWithand where user input is passed directly as a value in an associative array without sanitisation such asConvert::raw2xml().ViewableData::customiseis not vulnerable. - Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-74" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-05-27T23:07:35Z" }- References
-
- https://github.com/silverstripe/silverstripe-framework/commit/6f50728b185e62c0087a58b295a015cb13276911
- https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-006-1.yaml
- https://github.com/silverstripe/silverstripe-framework
- https://www.silverstripe.org/download/security-releases/ss-2018-006
Affected packages
Packagist / silverstripe/framework
Package
- Name
- silverstripe/framework
- Purl
- pkg:composer/silverstripe/framework
Packagist / silverstripe/framework
Package
- Name
- silverstripe/framework
- Purl
- pkg:composer/silverstripe/framework