My site, which is running SS 2.2.1, was severely hacked early this morning.
All the content was changed to porn-related obscenities through the CMS. I need to find out how this happened, and was curious if there are any known security issues with SS that may have caused this. Has anyone else had this problem?
Hey guys, from the core SilverStripe teams side we've contacted redking offline earlier and are looking into this. We are taking this very seriously and will trying to identify if anything specific in the core SilverStripe code was been compromised in this attack.
I appreciate your concern. As Tim mentioned before, I've been contacted about this issue and it's currently being checked out.
My post was not meant to alarm or scare anyone off from using SilverStripe. Just trying to figure this thing out. In fact, feel free to remove this thread, as I do not want to create any confusion or panic. I love this CMS and the SilverStripe team is great! They do a stellar job!
We've investigated this issue and it appears that the hack occurred without using SilverStripe - most likely the attacker gained access to the underlying MySQL database through another means, and altered the content there.