Unrated severityNVD Advisory· Published Aug 26, 2012· Updated Apr 29, 2026
CVE-2010-5095
CVE-2010-5095
Description
Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination.
Affected products
11cpe:2.3:a:silverstripe:silverstripe:2.3.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:silverstripe:silverstripe:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:silverstripe:silverstripe:2.3.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- secunia.com/advisories/38697nvdVendor Advisory
- doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.6nvd
- groups.google.com/group/silverstripe-announce/browse_thread/thread/c75fbd7926ed2725nvd
- www.openwall.com/lists/oss-security/2012/04/30/1nvd
- www.openwall.com/lists/oss-security/2012/04/30/3nvd
- www.openwall.com/lists/oss-security/2012/05/01/3nvd
- www.osvdb.org/62541nvd
- www.securityfocus.com/bid/38394nvd
- www.silverstripe.org/security-releasesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/56546nvd
News mentions
0No linked articles in our index yet.