PT-2020-9300 · Silverstripe · Silverstripe

Published

2020-02-19

·

Updated

2022-05-24

·

CVE-2019-12246

CVSS v3.1

4.3

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions SilverStripe versions prior to 4.4.0
Description The issue allows for a Denial of Service on flush and development URL tools.
Recommendations For versions prior to 4.4.0, update to version 4.4.0 or later to resolve the issue.

Exploit

Fix

DoS

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2019-12246
GHSA-5FR8-XHQQ-4P3Q

Affected Products

Silverstripe