GHSA-52cx-hpc5-cxwc: 
PHP vulnerability analysis and mitigation

The vulnerability (GHSA-52cx-hpc5-cxwc) affects the SilverStripe framework and involves missing Access Control List (ACL) checks on reports. The issue was discovered in 2016 and affects multiple versions of the framework including 3.1.19, 3.2.4, 3.3.2, and 3.4.0. The vulnerability was patched in versions 3.1.20, 3.2.5, 3.3.3, and 3.4.1 (SilverStripe Advisory, GitHub Advisory).

The vulnerability stems from incomplete access control implementation in the SS_Report and CMS reports section. While the system performs canView() checks when listing available reports for the current user, it fails to execute these checks when the report is actually accessed. The vulnerability has been assigned a moderate severity rating with a CVSS score of 4.3, characterized by network attack vector, low attack complexity, low privileges required, and no user interaction needed (GitHub Advisory).

The vulnerability allows users who have access to the Reports section of the CMS to potentially view any report by directly accessing its URL, even if they shouldn't have permission to view that specific report. This results in unauthorized access to potentially sensitive report data (GitHub Advisory).

The vulnerability has been fixed in SilverStripe framework versions 3.1.20, 3.2.5, 3.3.3, and 3.4.1. Users are advised to upgrade to these patched versions to prevent unauthorized access to reports (SilverStripe Advisory).

The vulnerability was initially reported by Matt Peel and was classified as a low severity issue by SilverStripe (SilverStripe Advisory).