GHSA-55QG-6C4M-MW6G
Vulnerability from github – Published: 2024-05-27 22:02 – Updated: 2024-05-27 22:02
VLAI
Summary
silverstripe/framework's URL parameters `isDev` and `isTest` unguarded
Details
The URL parameters isDev and isTest are accessible to unauthenticated users who access a SilverStripe website or application. This allows unauthorised users to expose information that is usually hidden on production environments such as verbose errors (including backtraces) and other debugging tools only available to sites running in "dev mode". Core functionality does not expose user data through these methods. Depending on your website configuration, community modules might have added more specific functionality which can be used to either access or alter user data.
We have fixed the usage of isDev and isTest in SilverStripe 4.x, and removed the URL parameters in the next major release of SilverStripe.
Severity
6.5 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "silverstripe/framework"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-rc1"
},
{
"fixed": "4.0.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "silverstripe/framework"
},
"ranges": [
{
"events": [
{
"introduced": "4.1.0rc1"
},
{
"fixed": "4.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-27T22:02:02Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "The URL parameters `isDev` and `isTest` are accessible to unauthenticated users who access a SilverStripe website or application. This allows unauthorised users to expose information that is usually hidden on production environments such as verbose errors (including backtraces) and other debugging tools only available to sites running in \"dev mode\". Core functionality does not expose user data through these methods. Depending on your website configuration, community modules might have added more specific functionality which can be used to either access or alter user data.\n\nWe have fixed the usage of isDev and isTest in SilverStripe 4.x, and removed the URL parameters in the next major release of SilverStripe.",
"id": "GHSA-55qg-6c4m-mw6g",
"modified": "2024-05-27T22:02:02Z",
"published": "2024-05-27T22:02:02Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/silverstripe/silverstripe-framework/commit/d935140a9528a3a42323b51d84fb2bcd3da065a7"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-005-1.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/silverstripe/silverstripe-framework"
},
{
"type": "WEB",
"url": "https://www.silverstripe.org/download/security-releases/ss-2018-005"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "silverstripe/framework\u0027s URL parameters `isDev` and `isTest` unguarded"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…