This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

What to do if you find a potential security hole

26209 Views

Sam

Administrator, 690 Posts

10 July 2009 at 2:50pm

Edited: 06/02/2015 8:21pm

Hi everyone,

From time to time, people post to the SilverStripe forum to let us know about potential security holes. While we really appreciate this feedback, the problem with posting it to the forum is that it can give would-be hackers a nice searchable index of ways to attack older SilverStripe installations.

So, if you discover a security related issue, we definitely want to hear from you, but rather than posting it to the forum or the bug tracker, please email security@silverstripe.org. We can then assess the issue, and if necessary, release an update to SilverStripe or to the relevant module.

More information: http://doc.silverstripe.org/en/contributing/issues_and_bugs/#reporting-security-issues

Thanks,
Sam

Return to top