Skip to main content

Assets

2 CVEs product

Monthly

CVE-2022-38724 PHP MEDIUM POC PATCH This Month

Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Asset Admin Assets Framework
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-29858 PHP MEDIUM POC PATCH This Month

Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Assets
NVD GitHub
CVSS 3.1
4.3
EPSS
1.2%
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Asset Admin Assets +1
NVD
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Assets
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy