6.1

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-jqp8-v74p-g8px

EPSS Score

CWE

CWE-79

Published

5/23/2024

Updated

5/23/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-jqp8-v74p-g8px

GHSA-jqp8-v74p-g8px: Silverstripe XSS in Director::force_redirect()

A low level XSS vulnerability has been found in the Framework affecting http redirection via the Director::force_redirect method.

Attempts to redirect to a url may generate HTML which is not safely escaped, and may pose a risk of XSS in some environments.

This vulnerability is marked low as it is difficult to exploit, as any injected HTML will only be returned from the server if the Location HTTP header is also sent, meaning that any user browsing the site would not be exposed to the body of the response before their browser redirects them.

(GitHub Advisory)

6.1

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-jqp8-v74p-g8px

EPSS Score

CWE

CWE-79

Published

5/23/2024

Updated

5/23/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
silverstripe/framework	composer	>= 3.1.0, < 3.1.12	3.1.12

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the original implementation of force_redirect() constructing HTML content with unescaped $destURL parameter. The patch replaced this unsafe manual HTML construction with a proper redirect() method that handles URL sanitization. The direct string interpolation of user-controlled input ($destURL) into HTML context without escaping matches classic XSS vulnerability patterns. The commit diff clearly shows removal of vulnerable HTML construction and the CWE-79 classification confirms this is an output sanitization issue.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* low l*v*l XSS vuln*r**ility **s ***n *oun* in t** *r*m*work *****tin* *ttp r**ir**tion vi* t** *ir**tor::*or**_r**ir**t m*t*o*. *tt*mpts to r**ir**t to * url m*y **n*r*t* *TML w*i** is not s***ly *s**p**, *n* m*y pos* * risk o* XSS in som* *nviron

Reasoning

T** vuln*r**ility st*ms *rom t** ori*in*l impl*m*nt*tion o* `*or**_r**ir**t()` *onstru*tin* *TML *ont*nt wit* un*s**p** $**stURL p*r*m*t*r. T** p*t** r*pl**** t*is uns*** m*nu*l *TML *onstru*tion wit* * prop*r `r**ir**t()` m*t*o* t**t **n*l*s URL s*n

6.1

Basic Information

Concerned about an active attack path?

GHSA-jqp8-v74p-g8px: Silverstripe XSS in Director::force_redirect()

6.1

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI