nyeholt/silverstripe-advancedreports

GitHub

github.com

Releases17

Frequency7 months 5 days

Last Release almost 6 years ago

Stars13

A reporting module that provides an extra level of configuration and functionality over the base silverstripe structures. Generates static output content in HTML, CSV and PDF formats

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-25102 ↗	Sep 3, 2020Thursday, 3 September 2020, 17:15	6.1 MEDIUM	4.3 MEDIUM
silverstripe-advancedreports (aka the Advanced Reports module for SilverStripe) 1.0 through 2.0 is vulnerable to Cross-Site Scripting (XSS) because it is possible to inject and store malicious JavaScript code. The affects admin/advanced-reports/DataObjectReport/EditForm/field/DataObjectReport/item (aka report preview) when an SVG document is provided in the Description parameter.