Description

Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination.

Remediation

References

CVE-2010-5095

Related Vulnerabilities

MySQL CVE-2018-3182 Vulnerability (CVE-2018-3182)

WordPress Plugin Customer Reviews for WooCommerce Cross-Site Scripting (5.16.0)

MySQL CVE-2021-2012 Vulnerability (CVE-2021-2012)

MySQL CVE-2014-0412 Vulnerability (CVE-2014-0412)

Drupal Core 7.x Multiple Security Bypass Vulnerabilities (7.0 - 7.25)

Severity

Medium

Classification

CVE-2010-5095 CWE-707

Tags

Missing Update Known Vulnerabilities