Browse all 15 CVE security advisories affecting silverstripe. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Silverstripe is an open-source content management system primarily used for building websites and web applications. Historically, it has been susceptible to various vulnerability classes including remote code execution, cross-site scripting, and privilege escalation, with 15 CVEs documented. The platform's modular architecture introduces potential attack surfaces through third-party modules. While no major security incidents have been widely reported, the consistent vulnerability count suggests ongoing security challenges. Silverstripe's permission system has been a recurring area of weakness, often leading to unauthorized access or privilege escalation. Regular security updates and module vetting remain critical for maintaining secure implementations of this CMS.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30148 | Silverstripe Framework has a XSS vulnerability in HTML editor — silverstripe-frameworkCWE-79 | 5.4 | Medium | 2025-04-10 |
| CVE-2024-53277 | Cross-site Scripting in form messages in silverstripe framework — silverstripe-frameworkCWE-79 | 5.4 | Medium | 2025-01-14 |
| CVE-2024-32981 | Cross-site Scripting vulnerability with encoded payload in silverstripe/framework — silverstripe-frameworkCWE-79 | 5.4 | Medium | 2024-07-17 |
| CVE-2023-48714 | Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter — silverstripe-frameworkCWE-200 | 4.3 | Medium | 2024-01-23 |
| CVE-2023-22729 | Silverstripe Framework has open redirect vulnerability on CMSSecurity relogin screen — silverstripe-frameworkCWE-601 | 5.4 | Medium | 2023-04-26 |
| CVE-2023-22728 | Silverstripe Framework has missing permission check of canView in GridFieldPrintButton — silverstripe-frameworkCWE-862 | 4.3 | Medium | 2023-04-26 |
This page lists every published CVE security advisory associated with silverstripe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.