CVE-2020-9311
Description
In SilverStripe through 4.5, malicious users with a valid Silverstripe CMS login (usually CMS access) can craft profile information which can lead to XSS for other users through specially crafted login form URLs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In SilverStripe CMS through 4.5, authenticated users can cause stored XSS by injecting malicious scripts into profile fields, triggered when other users visit crafted login URLs.
Vulnerability Overview
The vulnerability resides in SilverStripe CMS versions up to 4.5, where insufficient sanitization of user profile data allows stored cross-site scripting (XSS). Authenticated users with CMS access can inject malicious JavaScript into their profile fields [1]. The injected content is subsequently included in login form URLs generated by the application.
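The defensive point in the overview is that profile data crossing two output contexts (a URL query string, then an HTML attribute) must be encoded once per context. The following is an added Python illustration, not SilverStripe code; the `/Security/login` path, the `name` and `BackURL` parameter names, and the sample profile value are assumptions constructed for the example. It places the vulnerable interpolation pattern beside the hardened one and shows that the hardened link still round-trips the original value.

```python
"""Added example (not SilverStripe's code): context-aware encoding for a
user-controlled profile field that is placed into a login-form URL and then
into an HTML attribute. Paths and parameter names are assumptions."""
import html
from urllib.parse import parse_qs, quote, urlsplit

# Constructed sample value for a profile field an authenticated user controls.
PROFILE_NAME = '"><script>alert(1)</script>'
BACK_URL = "/admin/pages"  # assumed return-to parameter value


def build_login_link_vulnerable(profile_name: str, back_url: str = BACK_URL) -> str:
    """Vulnerable pattern: raw interpolation into the URL and the attribute.
    The double quote in the value closes the href attribute early."""
    url = f"/Security/login?BackURL={back_url}&name={profile_name}"
    return f'<a href="{url}">Log in</a>'


def build_login_link_hardened(profile_name: str, back_url: str = BACK_URL) -> str:
    """Hardened pattern: encode once per context.
    quote(safe='') percent-encodes every reserved character for the query
    value; html.escape(quote=True) then protects the attribute (e.g. the
    parameter separator '&' becomes '&amp;')."""
    url = (
        f"/Security/login?BackURL={quote(back_url, safe='')}"
        f"&name={quote(profile_name, safe='')}"
    )
    return f'<a href="{html.escape(url, quote=True)}">Log in</a>'


def only_anchor_tags(markup: str) -> bool:
    """Coarse structural check: a single <a ...>...</a> contributes exactly
    two '<' and two '>' characters; anything more means injected markup."""
    return markup.count("<") == 2 and markup.count(">") == 2


def recover_name(markup: str) -> str:
    """Parse the profile name back out of a hardened link the way the
    receiving request handler would: attribute value, then query string."""
    start = markup.index('href="') + len('href="')
    end = markup.index('"', start)
    href = html.unescape(markup[start:end])
    return parse_qs(urlsplit(href).query)["name"][0]


if __name__ == "__main__":
    print("vulnerable:", build_login_link_vulnerable(PROFILE_NAME))
    print("hardened:  ", build_login_link_hardened(PROFILE_NAME))
    print("round-trip ok:", recover_name(build_login_link_hardened(PROFILE_NAME)) == PROFILE_NAME)
```

Note the order: percent-encode for the URL first, then HTML-escape the whole URL for the attribute. Reversing the order, or applying only one of the two, leaves one of the contexts unprotected.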
Exploitation Method
An attacker must have a valid CMS account to craft a malicious profile. They then create a specially crafted login URL containing the XSS payload. When other users (e.g., site administrators or regular users) visit this URL, the payload executes in their browser. The attack requires no special privileges beyond a standard CMS login, but successful exploitation depends on tricking victims into clicking the crafted link.
Impact
Successful exploitation leads to arbitrary JavaScript execution in the victim's session context. This can result in session hijacking, data exfiltration, unauthorized actions, or defacement of the CMS interface. The XSS targets users who interact with the login form, making it a cross-user attack vector.
Mitigation
The issue is fixed in SilverStripe versions later than 4.5 [3]. Users are advised to upgrade to a patched release. No workaround is available for unpatched versions, so immediate updating is recommended to mitigate the risk.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| silverstripe/cms | Packagist | <= 4.5.0 | — |
| silverstripe/framework | Packagist | >= 3.0.0, < 3.7.5 | 3.7.5 |
Affected products
- SilverStripe / SilverStripe CMS
  - OSV coordinates (3 version ranges, no CPE assigned):
    - >= 3.0.0, < 3.7.5
    - <= 4.5.0
    - >= 3.0.0, < 3.7.5
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1. github.com/advisories/GHSA-2pw2-qpcp-m47x (GHSA advisory)
2. nvd.nist.gov/vuln/detail/CVE-2020-9311 (advisory)
3. github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-9311.yaml (web)
4. www.silverstripe.org/download/security-releases/CVE-2020-9311 (vendor confirmation, web)
5. www.silverstripe.org/download/security-releases/cve-2020-9311 (web)
News mentions
No linked articles in our index yet.