Improper Access Control in Silverstripe Silverstripe/Assets (<=1.10): Unauthorized Publication of Protected Images

Improper Access Control in Silverstripe Silverstripe/Assets (<=1.10): Unauthorized Publication of Protected Images

CVE-2022-29858 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content.

Learn more about our Web App Pen Testing.