Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
silverstripeCMS Incorrect Authorization Vulnerability - CVE-2021-28661 - Vulnerability Database
silverstripeCMS

silverstripeCMS Incorrect Authorization Vulnerability - CVE-2021-28661

Medium
Reference: CVE-2021-28661
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-28661
Title: silverstripeCMS Incorrect Authorization Vulnerability
Overview:

Default SilverStripe GraphQL Server (aka silverstripe/graphql) 3.x through 3.4.1 permission checker not inherited by query subclass.