Packagist (Composer) package
silverstripe/userforms
pkg:composer/silverstripe/userforms
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-9280 | — | >= 5.0.0, < 5.4.2 | 5.4.2 | Apr 15, 2020 | In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. |
- CVE-2020-9280Apr 15, 2020affected >= 5.0.0, < 5.4.2fixed 5.4.2
In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x.