CVE-2022-38462 Reflected XSS in querystring parameters
- Medium (?)
- Versions Affected:
  - silverstripe/framework: ^3.0.0, ^4.0.0
- Versions Fixed:
  - silverstripe/framework: 4.11.13
- Release Date:
An attacker could inject an XSS payload in a Silverstripe CMS response by carefully crafting a return URL on a
To exploit this vulnerability, an attacker would need to convince a user to follow a link with a malicious payload.
This will only affect projects configured to output PHP warnings to the browser. By default, Silverstripe CMS will only output PHP warnings if your SS_ENVIRONMENT_TYPE environment variable is set to dev. Production sites should always set
Read the Environment management documentation for more details on configuring environment variables.
Most projects should be able to apply the patch without further work. There's no legitimate use case for this behaviour.
Regression testing should focus on areas where the location header is used to redirect users.
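The following is an added example, not code from Silverstripe or from this advisory, showing the kind of check a project can apply wherever a user-supplied return URL ends up in a `Location` header: the value is only honoured when it is a site-relative path or an absolute http(s) URL on the expected host, and the raw parameter is never reflected into the response. The function names, the `ReturnURL` query parameter and the `www.example.com` host are assumptions for the example; the `warningsVisibleToBrowser()` helper uses PHP's own `display_errors` setting as a stand-in for the environment check the advisory describes.

```php
<?php
// Added example (not Silverstripe code). Names, the ReturnURL parameter and
// the example host are assumptions made for this illustration.
declare(strict_types=1);

/**
 * Return a safe redirect target, or $fallback when $target is not same-site.
 * Accepted:
 *   - site-relative paths such as "/admin/pages" (but not "//other.host/")
 *   - absolute http(s) URLs whose host equals $allowedHost
 * Everything else (other schemes, foreign hosts, control characters) is
 * replaced by the fallback, so the untrusted value never reaches the header.
 */
function safeRedirectTarget(?string $target, string $allowedHost, string $fallback = '/'): string
{
    if ($target === null || $target === '') {
        return $fallback;
    }
    // CR/LF and other control characters would corrupt the Location header.
    if (preg_match('/[\x00-\x1F\x7F]/', $target)) {
        return $fallback;
    }
    $parts = parse_url($target);
    if ($parts === false) {
        return $fallback;
    }
    // Only http/https are acceptable redirect schemes.
    if (isset($parts['scheme']) && !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return $fallback;
    }
    // A host is present for absolute URLs and for scheme-relative "//host/..."
    // forms; both must point at our own host.
    if (isset($parts['host'])) {
        return strcasecmp($parts['host'], $allowedHost) === 0 ? $target : $fallback;
    }
    // No host: require a path that starts with exactly one slash.
    $path = $parts['path'] ?? '';
    if ($path === '' || $path[0] !== '/') {
        return $fallback;
    }
    return $target;
}

/** True when PHP would print warnings into the HTTP response body. */
function warningsVisibleToBrowser(): bool
{
    $value = strtolower((string) ini_get('display_errors'));
    return in_array($value, ['1', 'on', 'true', 'stdout'], true);
}

/** Redirect using only the validated target (assumed ReturnURL parameter). */
function redirectBack(string $allowedHost): void
{
    $target = safeRedirectTarget($_GET['ReturnURL'] ?? null, $allowedHost);
    header('Location: ' . $target, true, 302);
    exit;
}

// Constructed inputs for a stand-alone run: input => expected result.
$cases = [
    '/admin/pages'                 => '/admin/pages',
    'https://www.example.com/done' => 'https://www.example.com/done',
    'HTTPS://WWW.EXAMPLE.COM/x'    => 'HTTPS://WWW.EXAMPLE.COM/x',
    '//other.example/'             => '/',
    'https://other.example/'       => '/',
    'javascript:void(0)'           => '/',
    "/ok\r\nX-Injected: 1"         => '/',
    'admin'                        => '/',
];
foreach ($cases as $in => $expected) {
    $out = safeRedirectTarget($in, 'www.example.com');
    printf("%-34s -> %-30s %s\n", json_encode($in), $out, $out === $expected ? 'ok' : 'MISMATCH');
}
printf("display_errors visible to browser: %s\n", warningsVisibleToBrowser() ? 'yes' : 'no');
```

Running the script prints one line per constructed input; every foreign-host, non-http scheme or header-breaking value collapses to `/`. For regression testing after applying the patch, the same set of inputs can be sent to each endpoint that sets a `Location` header, checking that the response neither redirects off-site nor echoes the raw parameter anywhere in the body.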
Base CVSS: 4.2
Reported by: TF1T via huntr.dev