漏洞标题
N/A
漏洞描述信息
SilverStripe 4.5.0 允许攻击者读取某些不应该放入结果集的记录。这会影响 silverstripe/recipe-cms。 SilverStripe/graphql 模块中的自动权限检查机制并未提供对有限列表的完全保护,例如通过分页,导致那些应该通过权限检查失败的记录被添加到最终结果集。默认情况下,GraphQL端点被配置(例如,用于资源),但管理员/graphql端点默认情况下被访问保护。这限制了漏洞对所有已验证的用户,包括那些具有有限权限的用户(例如,通过管理员/graphql暴露的记录需要管理员权限)。然而,如果为特定实现配置了自定义的 GraphQL 端点(通常在 /graphql 之下),这个漏洞也可以通过未验证的请求进行利用。这个漏洞仅适用于读取记录;它不允许未经授权的改变记录。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited (e.g., through pagination), resulting in records that should have failed a permission check being added to the final result set. GraphQL endpoints are configured by default (e.g., for assets), but the admin/graphql endpoint is access protected by default. This limits the vulnerability to all authenticated users, including those with limited permissions (e.g., where viewing records exposed through admin/graphql requires administrator permissions). However, if custom GraphQL endpoints have been configured for a specific implementation (usually under /graphql), this vulnerability could also be exploited through unauthenticated requests. This vulnerability only applies to reading records; it does not allow unauthorised changing of records.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
SilverStripe 安全漏洞
漏洞描述信息
SilverStripe是新西兰SilverStripe公司的一套开源的编程框架和内容管理系统 (CMS)。该系统具有支持多国语言、跨平台等特点。 SilverStripe 4.5.0版本中存在安全漏洞,该漏洞源于silverstripe/graphql模块中的自动权限检查机制没有对被限制的列表进行充分地安全保护。攻击者可利用该漏洞获取信息。
CVSS信息
N/A
漏洞类别
其他