VYPR
Low severityNVD Advisory· Published Apr 28, 2010· Updated Jun 16, 2026

CVE-2010-1593

CVE-2010-1593

Description

Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, and in the Forum module before 0.2.5 in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (2) the Search parameter to forums/search (aka the search script).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
silverstripe/cmsPackagist
< 2.3.52.3.5
silverstripe/frameworkPackagist
< 2.3.52.3.5

Affected products

21
  • cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*range: <=2.3.4
    • cpe:2.3:a:silverstripe:silverstripe:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc2:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:silverstripe:silverstripe:2.3.3:*:*:*:*:*:*:*
  • ghsa-coords2 versions
    < 2.3.5+ 1 more
    • (no CPE)range: < 2.3.5
    • (no CPE)range: < 2.3.5

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.