First published: Sun Feb 16 2020(Updated: )
CVE-2019-19325: XSS through non-scalar FormField attributes
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
composer/silverstripe/framework | >=4.0.0<4.4.5>=4.5.0<4.5.2 | |
Silverstripe silverstripe | >=4.4.0<4.4.5 | |
Silverstripe silverstripe | >=4.5.0<4.5.2 | |
composer/silverstripe/framework | >=4.0.0<4.4.5 | 4.4.5 |
composer/silverstripe/framework | >=4.5.0<4.5.2 | 4.5.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-19325 is a vulnerability that allows for XSS attacks through non-scalar FormField attributes.
The software affected by CVE-2019-19325 is SilverStripe framework version 4.0.0 up to 4.4.5 and version 4.5.0 up to 4.5.2.
CVE-2019-19325 is a critical vulnerability.
To fix CVE-2019-19325, you should update your SilverStripe framework to version 4.4.6 or version 4.5.3 or later.
You can find more information about CVE-2019-19325 at the following reference: [CVE-2019-19325](https://www.silverstripe.org/download/security-releases/cve-2019-19325/)