CVE-2021-41559

Publication date

2022-06-28 21:27:23

Family

mitre

State

PUBLISHED

Description

Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.