Description

Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination.

Remediation

References

CVE-2010-5095

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Zoom Magnifier Cross-Site Scripting (1.2.6)

WordPress Plugin Ruben Boelinger wordTube 'wpPATH' Parameter Multiple Remote File Include Vulnerabilities (1.43)

WordPress Plugin Register Plus 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities (3.5.1)

Apache HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2024-38473)

WordPress Plugin Contact Form DB Multiple Cross-Site Scripting Vulnerabilities (2.8.15)

Severity

Medium

Classification

CVE-2010-5095 CWE-707

Tags

Missing Update Known Vulnerabilities