First published: Sun Nov 21 2021(Updated: )
CVE-2022-38145 - Stored XSS in Compare Mode
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
composer/silverstripe/versioned-admin | >=1.0.0<1.11.1 | |
Silverstripe Framework | >=1.0.0<1.11.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-38145 is a stored XSS vulnerability in Compare Mode in Silverstripe.
CVE-2022-38145 affects Silverstripe framework version 1.0.0 up to 1.11.1 and versioned-admin package version 1.0.0 up to 1.11.1.
CVE-2022-38145 has a severity rating of medium with a CVSS score of 5.4.
To fix CVE-2022-38145, update to a version of Silverstripe framework and versioned-admin package that is higher than 1.11.1.
You can find more information about CVE-2022-38145 in the Silverstripe security releases, forum, and blog.