silverstripe/admin is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists in vendor.js
due to an outdated jquery which allows an attacker to inject and execute arbitrary javascript using a specially crafted proto query string parameter.
forum.silverstripe.org/c/releases
github.com/advisories/GHSA-44xv-v98g-v79f
github.com/silverstripe/silverstripe-admin/commit/e27f35538e3978d357a96ad3cf7052a005642247
github.com/silverstripe/silverstripe-admin/pull/1392
www.silverstripe.org/blog/tag/release
www.silverstripe.org/download/security-releases/
www.silverstripe.org/download/security-releases/CVE-2022-38146