Unrated severityNVD Advisory· Published Nov 13, 2013· Updated Apr 29, 2026

CVE-2013-2653

Description

security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.

Affected products

Silverstripe/Silverstripe
cpe:2.3:a:silverstripe:silverstripe:3.0.3:*:*:*:*:*:*:*

Patches

3e88c98ca513

https://github.com/chillu/silverstripe-frameworkvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/chillu/silverstripe-framework/commit/3e88c98ca513880e2b43ed7f27ade17fef5d9170nvdPatch
seclists.org/bugtraq/2013/Aug/12nvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	-0.070
ransomware	0.000