CVE-2021-41559
Published
CVSS v3
6.5
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.
Silverstripe Framework, the MVC framework that powers Silverstripe CMS
GitHub