CVE-2022-38145 Information

Description

Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 3) via remote attackers adding a Javascript payload to a page’s meta description and get it executed in the versioned history compare view.

Reference

https://www.silverstripe.org/download/security-releases/ https://www.silverstripe.org/download/security-releases/CVE-2022-38145 https://www.silverstripe.org/blog/tag/release https://forum.silverstripe.org/c/releases