VYPR
Critical severityOSV Advisory· Published Apr 11, 2019· Updated Aug 4, 2024

CVE-2019-5715

CVE-2019-5715

Description

All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versions of SilverStripe 4 prior to 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
silverstripe/frameworkPackagist
>= 3.0.0, < 3.6.73.6.7
silverstripe/frameworkPackagist
>= 4.0.0, < 4.0.74.0.7
silverstripe/frameworkPackagist
>= 3.7.0, < 3.7.33.7.3
silverstripe/frameworkPackagist
>= 4.1.0, < 4.1.54.1.5
silverstripe/frameworkPackagist
>= 4.2.0, < 4.2.44.2.4
silverstripe/frameworkPackagist
>= 4.3.0, < 4.3.14.3.1

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.