CVE-2019-14273

描述

In SilverStripe assets 4.0, there is broken access control on files.

受影響套件(1)

• Packagist/silverstripe/framework>= 4.0.0, < 4.3.5

CVSS 分數

參考連結(7)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-14273
• PATCHhttps://github.com/FriendsOfPHP/security-advisories
• WEBhttps://forum.silverstripe.org/c/releases
• WEBhttps://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14273.yaml
• WEBhttps://www.silverstripe.org/blog/tag/release
• WEBhttps://www.silverstripe.org/download/security-releases
• WEBhttps://www.silverstripe.org/download/security-releases/CVE-2019-14273