Description
Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2014-0377 Vulnerability (CVE-2014-0377)
WordPress Plugin Slimstat Analytics SQL Injection (3.9.5)
Oracle JRE CVE-2013-2433 Vulnerability (CVE-2013-2433)
Atlassian Jira CVE-2019-20899 Vulnerability (CVE-2019-20899)
ownCloud Improper Input Validation Vulnerability (CVE-2020-28645)