CVE-2026-24749 | SilverStripe Assets Module up to 2.4.4/3.1.2 getSourceURL authorization (GHSA-jgcf-rf45-2f8v)

A vulnerability identified as problematic has been detected in SilverStripe Assets Module up to 2.4.4/3.1.2. The impacted element is the function DBFile::getURL/DBFile::getSourceURL. The manipulation leads to incorrect authorization.

This vulnerability is uniquely identified as CVE-2026-24749. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More