Browse all 15 CVE security advisories affecting silverstripe. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Silverstripe is an open-source content management system primarily used for building websites and web applications. Historically, it has been susceptible to various vulnerability classes including remote code execution, cross-site scripting, and privilege escalation, with 15 CVEs documented. The platform's modular architecture introduces potential attack surfaces through third-party modules. While no major security incidents have been widely reported, the consistent vulnerability count suggests ongoing security challenges. Silverstripe's permission system has been a recurring area of weakness, often leading to unauthorized access or privilege escalation. Regular security updates and module vetting remain critical for maintaining secure implementations of this CMS.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-44401 | Silverstripe GraqhQL's view permissions are bypassed for paginated lists of ORM data — silverstripe-graphqlCWE-863 | 5.3 | Medium | 2024-01-23 |
| CVE-2023-40180 | Denial of service vulnerability in silverstripe-graphql via recursive queries — silverstripe-graphqlCWE-400 | 7.5 | High | 2023-10-16 |
| CVE-2023-28104 | silverstripe/graphql Denial of Service vulnerability — silverstripe-graphqlCWE-770 | 7.5 | High | 2023-03-16 |
This page lists every published CVE security advisory associated with silverstripe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.