CVE-2019-12204
In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.
Date published : 2019-09-25
https://www.silverstripe.org/download/security-releases/CVE-2019-12204