Описание
Umbraco CMS vulnerable to stored XSS
Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.12.3 allows authenticated users to inject arbitrary web script via the Header Name of a content (Blog, Content Page, etc.). The vulnerability is exploited when updating or removing public access of a content.
Пакеты
Наименование
umbraco
nuget
Затронутые версииВерсия исправления
<= 7.12.3
Отсутствует
Связанные уязвимости
CVSS3: 4.8
nvd
около 7 лет назад
Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.12.3 allows authenticated users to inject arbitrary web script via the Header Name of a content (Blog, Content Page, etc.). The vulnerability is exploited when updating or removing public access of a content.