In SilverStripe through 4.3.3, there is access escalation for CMS users with limited access through permission cache pollution. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Privilege Escalation
Silverstripe
NVD
CVSS 3.1
2.7
EPSS
0.9%