GHSA-xpff-c35g-j3cr
Suggest an improvement- Source
- https://github.com/advisories/GHSA-xpff-c35g-j3cr
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-xpff-c35g-j3cr/GHSA-xpff-c35g-j3cr.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-xpff-c35g-j3cr
- Published
- 2024-05-27T22:28:13Z
- Modified
- 2024-12-02T05:43:12.514977Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- silverstripe/framework Privilege Escalation Risk in Member Edit form
- Details
-
A member with the permission
EDIT_PERMISSIONSand access to the "Security" section is able to re-assign themselves (or another member) toADMINlevel.CMS Fields for the member are constructed using DirectGroups instead of Groups relation which results in bypassing security logic preventing privilege escalation.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-268" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-05-27T22:28:13Z" }- References
-
- https://github.com/silverstripe/silverstripe-framework/commit/577138882163e4b8782ea043487944d30d88e753
- https://github.com/silverstripe/silverstripe-framework/commit/e409d6f673c49846086b23677aecdc3fde5fc4d5
- https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-001-1.yaml
- https://github.com/silverstripe/silverstripe-framework
- https://www.silverstripe.org/download/security-releases/ss-2018-001
Affected packages
Packagist / silverstripe/framework
Package
- Name
- silverstripe/framework
- Purl
- pkg:composer/silverstripe/framework
Packagist / silverstripe/framework
Package
- Name
- silverstripe/framework
- Purl
- pkg:composer/silverstripe/framework
Packagist / silverstripe/framework
Package
- Name
- silverstripe/framework
- Purl
- pkg:composer/silverstripe/framework
Packagist / silverstripe/framework
Package
- Name
- silverstripe/framework
- Purl
- pkg:composer/silverstripe/framework