CVE-2023-38694
Umbraco CMS vulnerable to possible injection of HTML in an unintended form
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.7.0, and 12.1.0, a user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended. Versions 8.18.10, 10.7.0, and 12.1.0 contain a patch for this issue.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
Produtos afetados
umbraco · Umbraco-CMSQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →