CVE-2021-41559

by Fred · 28/06/2022

Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.

Date published : 2022-06-28