Vulnerability Details CVE-2018-17256
Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.12.3 allows authenticated users to inject arbitrary web script via the Header Name of a content (Blog, Content Page, etc.). The vulnerability is exploited when updating or removing public access of a content.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.2%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2018-17256
-
cpe:2.3:a:umbraco:umbraco_cms:7.12.3