Unrated severityNVD Advisory· Published Nov 13, 2013· Updated Apr 29, 2026

CVE-2013-6789

Description

security/MemberLoginForm.php in SilverStripe 3.0.3 supports credentials in a GET request, which allows remote or local attackers to obtain sensitive information by reading web-server access logs, web-server Referer logs, or the browser history, a similar vulnerability to CVE-2013-2653.

Affected products

Silverstripe/Silverstripe
cpe:2.3:a:silverstripe:silverstripe:3.0.3:*:*:*:*:*:*:*

Patches

3e88c98ca513

https://github.com/chillu/silverstripe-frameworkvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/chillu/silverstripe-framework/commit/3e88c98ca513880e2b43ed7f27ade17fef5d9170nvdPatch
seclists.org/bugtraq/2013/Aug/12nvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000