Описание
Authenticated path traversal in Umbraco CMS
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package.
Пакеты
Наименование
UmbracoCms
nuget
Затронутые версииВерсия исправления
< 8.9.2
8.9.2
Связанные уязвимости
CVSS3: 6.5
nvd
около 5 лет назад
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package.