Memn0Ps

**Name of the Vulnerable Software and Affected Versions** Silverstripe CMS versions prior to 4.5 Silverstripe versions prior to 4.5 **Description** The issue allows for web cache poisoning through the modification of the `X-Original-Url` and `X-HTTP-Method-Override` headers. This can lead to responses with malicious HTTP headers being returned to other consumers of the cached response. **Recommendations** For Silverstripe CMS versions prior to 4.5, consider disabling HTTP Cache Headers on responses served by the framework's HTTP layer as a temporary workaround until a patch is available. Restrict access to the HTTPRequestBuilder to minimize the risk of exploitation.