{"id":7882,"date":"2015-11-05T21:32:55","date_gmt":"2015-11-06T04:32:55","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&#038;p=7882"},"modified":"2023-02-27T13:18:18","modified_gmt":"2023-02-27T20:18:18","slug":"cve-2015-8606-silverstripe","status":"publish","type":"zerodays","link":"https:\/\/10.42.32.162\/zerodays\/cve-2015-8606-silverstripe\/","title":{"rendered":"CVE-2015-8606 &#8211; Reflected Cross-Site Scripting in SilverStripe CMS &#038; Framework"},"content":{"rendered":"<p style=\"text-align: justify;\">A cross-site scripting (XSS) attack can cause arbitrary code (javascript) to run in a user\u2019s browser while the browser is connected to a trusted web site. The application targets your\u00a0users and not the application itself, but it uses your application as the vehicle for the attack. XSS payload is executed when the user tries to modify the value of the following mentioned variable in SilverStripe CMS &amp; Framework v3.2.0 on 2 Places, whereas listed below along with screenshots for better understanding.<\/p>\n<p>\u00a01. Locale<\/p>\n<p>2. FailedLoginCount<\/p>\n","protected":false},"featured_media":7885,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7882"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":7,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7882\/revisions"}],"predecessor-version":[{"id":15334,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7882\/revisions\/15334"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/7885"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=7882"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}