Description In SilverStripe assets 4.0, there is broken access control on files. Remediation References CVE-2019-14273 Related Vulnerabilities Nginx Out-of-bounds Write Vulnerability (CVE-2011-4315) WordPress Plugin Price Commander for WooCommerce Security Bypass (1.2.2) WordPress Plugin WP Review Slider SQL Injection (12.1) Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0274) Magento CVE-2019-8122 Vulnerability (CVE-2019-8122) Severity Medium Classification CVE-2019-14273 CWE-552 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities