CVE-2023-22729 - Open redirect vulnerability on CMSSecurity relogin screen

Severity: Medium
Identifier: CVE-2023-22729
Versions Affected: silverstripe/framework: ^4.0.0
Versions Fixed: silverstripe/framework: 4.12.5, 4.13.0
Release Date: 2023-04-26

An attacker can display a link to a third-party website on a login screen by convincing a legitimate content author to follow a specially crafted link.

Base CVSS: 4.3

Reported by: Matthew Dekker